RegTech Solutions To National Risk Assessment Challenges

At Vaiie, we are passionate about RegTech and passionate about Jersey’s opportunity to become a centre of excellence in this space. With strong regulation, a robust digital infrastructure and a significant talent pool, as well as incredible insight into the international finance sector, Jersey is well placed to produce some of the world’s leading solutions to solve international compliance challenges.

Can technology really help support regulated businesses reduce the risks commonly associated with Money Laundering and Terrorist Financing?

The answer is most certainly – yes. However, the answer does not lie solely on the implementation, delivery and deployment of newer technologies but the way in which businesses maintain their internal policies and procedures and continuously evolve, meeting the ever-changing regulatory recommendations demanded by the standard setting bodies.

The National Risk Assessment (NRA) found Jersey is more likely to be exposed to the "Layering" stage of money laundering – which typologies indicate regularly involve banks, trust and corporate services and or funds - rather than involvement at the "placement" or “integration” stages.

What is Layering?

According to Interactiveservices.com, “Layering is a sequence of transactions that disguises the source of money and the ultimate beneficial owner. Instruments that offer cross-border transfer, speed, and volume, and lack transparency or regulation, are ideal. The more layers created, the more countries and assets involved, the harder it becomes to follow the money trail. Examples include electronically transferring deposits, buying and selling assets, using shell corporations or offshore banks, and working through intermediaries”.*

What is the right technology to protect and enhance my business?

Leveraging the right stack of technology within your current business process can reduce manual and often very time-consuming tasks, ultimately improving operational efficiency, transparency and reporting. However, beware the flipside. Implementing the wrong technology can be costly for your business, resulting in time spent on valuable project management and time resources in the wrong places and ultimately resulting in further inadequacies or mismatches, leading to potential AML/CFT shortfalls.

The main vulnerability currently faced, and clearly identified within the recent NRA, seems to follow a consistent theme - the complexity of client structures and the way opportunists can potentially influence or socially engineer their way into obtaining local and industry leading financial services information, commonly from funds, trust, corporate services and investment businesses, along with some banks. In addition, lawyers, money service business and accountants are also commonly targeted alongside, at a local level, service providers such as real estate businesses, lenders, insurers, casinos or not for profit organisations.

Implementation

RegTech solutions are beginning to have a significant impact on the financial services sector and although the technology behind the solutions may not be brand new, the way in which it is applied by firms in the sector is, and for many organisations it is positively transforming processes and the way they deliver services to clients. It is worth noting, however, that to date, institutions have been slow in adopting these technologies, generally based on cyber security concerns and the threat of further vulnerabilities to the business. Vaiie believes that will change in 2021 and beyond because the reality demonstrates that technology, security, and private cloud infrastructure can be relied upon far more so than the days when businesses kept all of their confidential client data on servers in the basement. 

Rewind to 2013

Just seven years ago, when a rather well known company (Microsoft) launched their suite of cloud services (365), the thought of implementing this change imminently to a business would have been incomprehensible. The concept of hosting private and confidential client data at the nearest data centre, which happened to be Ireland or the Netherlands, would have given all IT Directors cold shivers running down their spines.

Forward to 2020

Today, cloud deployment of operating systems and software is generally considered best practice with few firms opting to use their own capital investment infrastructure. Considering the entire IT framework as a provided service is a cost effective and resilient solution with data sovereignty secured by holding the data encryption keys locally, migrating to cloud SaaS model services was only inevitable.

So how can RegTech combat Layering?

The means by which criminals secure Layering relies on providing the financial institution with false or misleading information, documents, or explanations, all of which might appear plausible. However, on comprehensive probing, these reveal the customer’s stated identity, address, source of funds and source of wealth; in fact, they cannot be verified within the context of the structure or rationale for the business, industry, and country risk proposed by that customer.

That level of probing takes time and is expensive. A careful selection of RegTech tools designed to address these areas of ML/TF vulnerability offers powerful solutions, aiding customer lifecycle management, reducing administration time and speeding up customer onboarding - helping to maintain exceptional levels of ongoing service delivery. These solutions can include:

• Compliant onboarding workflow

 Soon more and more financial services companies will be leveraging multi-jurisdictional workflows with pre-determined KYC profiles to reflect FATF recommendations and jurisdictional requirements, ensuring client onboarding is fast, efficient, and above all compliant.

 A tremendous amount of chargeable time is lost during the initial onboarding, review and approval stages of a client engagement. Businesses can now leverage intelligent review and approval workflow processes which ensure administration teams can review uploaded client documentation and approve or reject, along with the ability to add rejection notes for a robust and fully accessible audit trail.

• Artificial intelligence

 AI is no longer science fiction, it plays a vital role within the accuracy and collation of due diligence, providing the ability to produce powerful adverse media, sanctions and PEPs screening automatically with the added benefit of searching for both structured and unstructured data (e.g. search engines, databases, and paid subscriptions) all within a matter of seconds and in every language. This provides compliance departments months of research in a matter of minutes; a vast improvement to the incumbent service providers currently and commonly used today.

• Identification and verification

 Automating the client identification and verification (ID&V) aspect of a client onboarding seemed crazy only a few years ago; now it has become a powerful part of the process and something which most businesses accept has saved them time, money and effort – thus ensuring more time can be spent on the customer journey. It is also very important that when selecting a technology supplier, businesses validate their process against specific regulatory requirements as some products do fall short of FATF recommendations.

• Address assurance

 Validating a client address has been a somewhat cumbersome requirement for many years. For decades, a copy of a utility bill has been sufficient and this has always been a weak point and gateway for fraudulent account opening and the increased risk of money laundering or terrorist financing. Now, technology can help validate this process by delivering a blend of physical and digital validation to the correct residential address.

• Beneficial ownership discovery

 Ultimate Beneficial Owner (UBO) discovery has become a key factor when understanding, verifying and validating the true source of wealth and source of funds. With the latest in Company Registry searching, open source databases, deep web searching, and AI technology, identifying ownership has become considerably more transparent - even in offshore jurisdictions which have not yet moved to public beneficial ownership registers.

• Regulatory alerts

 The continual increase in regulation is becoming overwhelming and almost unmanageable without intelligent systems, mitigating, reminding, and delivering key updates at the right time. For example, albeit for a mixture of industries, there are over 750 regulators globally issuing on average 201 daily regulatory alerts, the management of which within a business is not possible. However, new technologies make this possible and automated email alerts on a chosen industry, sector or jurisdiction can be set to alert the compliance function to relevant changes or updates.

• Digital signatures

 Digital signatures are not new; however, their adoption has been questionable as banks have been slow on accepting them as a form of official authorisation. This trend seems to now be over with more and more businesses using e-IDAS qualified signatures which are compliant and legally binding. Research has shown that up to 80 per cent of contracts are now signed on mobile devices.

• Interoperability

A few years ago, the RegTech industry had not heard of the word interoperability. Now it seems to be used by every software and blockchain solution, and for good reason. Interoperability ensures all systems, apps and services communicate through Application Programming Interfaces (APIs) seamlessly, ensuring a single source of truth and advanced MI and dashboard reporting.

Solutions that solve challenges as well as add to the client experience – why wouldn’t firms embrace RegTech in 2021?

By assisting businesses in maintaining and evolving internal processes and procedures that are essential to staying on the right side of regulation, RegTech is a must but it doesn’t have to come at the cost of a company’s culture. Digital transformation and implementation doesn’t have to be disruptive to a business, core values, or human capital; in fact, delivered with the correct level of planning, collaboration and efficiency, a Customer Lifecycle Management solution can provide businesses with growing revenue, regulatory clarity and, most importantly, help continue to exceed client expectations with service delivery.

https://vaiie.com/regtech/

* https://www.interactiveservices.com/en-gb/en-gb-placement-layering-and-intigration/

Edmund Hatton
Business Development Manager specialising in Digital Transformation, Innovation, Regulatory Technology and Financial Services. https://vaiie.com/regtech/