Complete and accurate reporting to regulatory bodies—such as AUSTRAC—continues to be a challenge for large and small institutions alike.
With so many changes already in motion, and many more on the way, how can companies keep up and remain compliant in the ever-shifting regulatory environment?
We tackle the top AML/CTF compliance challenges companies are facing and how to overcome them in our attest report.
The rise in digital activity
Use of QR codes, in-app payments, digital wallets, and mobile phones increased throughout 2020, all the way through 2021, and it looks like the trend will continue well into 2022.
This seismic shift to digital payments placed enormous pressure on financial institutions, who rushed to modernise their payment systems in response to the growing demand from businesses and consumers.
And, simultaneously, regulators also have a hard time keeping up with new technology. Paul Jevtovich, MLRO at NAB and former Chief at AUSTRAC, said of the implications, “we have still outdated and rather conservative thinking, concerning the laws and regulations and many of the laws and regulations have not kept up with, for example, the advancements in technology and the opportunities that they present.”
Cross-border money movements
Global cross-border payment flows are expected to reach US$156t in 2022. This growth in international transactions has influenced new payment rails to enter the market, creating additional payment flows and sources.
The change is being driven by a number of factors, including the growth in global e-commerce, increasing specialisation and internationalisation of value chains, the changing role small and medium enterprises are playing in international business, and increasing trade with emerging markets.
Susana Delgado, Digital Strategy Director at PagoNxT, shared her concerns at the 2021 SIBOS Conference: “Indeed the payment space is fragmented. There are multiple systems, schemes, and standards… specifically I’d like to go in depth (into) cross-border. These notions of interoperability, harmonisation, transparency. They’ve always been a clear need. I would say mainly for two reasons. One is efficiency and the other is compliance.
The key challenge is: how can we increase the speed of the payment without compromising (on) compliance?”
The new hybrid workplace
67% of Australians work from home, whether that’s some or all of the time.
The increased volume in out-of-office working hours made compliance more difficult for organisations.
Working from home exposes a company’s system to more endpoints as, in many cases, employees working from home use their own devices—laptops, desktops, smartphones
Having the highest level of assurance on who was accessing systems and data and how information was being shared and stored is more complicated with a decentralised workforce..
Regulators have seemingly been more lenient as companies adjust to the new ways of working but the hybrid model is here to stay and, moving forward, institutions are expected to have a handle on their security practices to mitigate risks.
The rise in cybercrime
Alongside the adoption of digital practices come higher transaction volumes, payment channels and cross-border payments, which brought a significant increase in fraud attacks during COVID-19. This has been one of the stiffest challenges for financial institutions.
Bad actors developed increasingly sophisticated toolkits and tactics for exploiting weaknesses in the system, which was exacerbated by the rise in digital payments and new payment rails during the pandemic.
“For cross-border payments it’s necessary to be able to run the traceability of the payment end-to-end and innovations like SWIFT GPI have made a difference in that regard. But all in all, we can say that (regulations) are the dark side of innovation in payments,” shared Delgado. “More volumes of payments imply a higher risk of financial crime, so regulation and compliance requirements have implications (to) customer experience.”
Dealing with legacy systems
The key challenge with legacy technologies is their inability to efficiently retrieve, transport, or share data internally or externally. This is further heightened by cross-border transactions and complex correspondent banking chains.
The use of third parties within a payment chain and/or for reporting purposes complicates regulatory reporting by adding layers of data management that aren’t always under the control of the financial institution.
Greg Malosh, Global Head of Liquidity Products, Treasury Services at BNY Mellon, expressed the issue with legacy tech, saying, “Legacy platforms are a big challenge. They’re large, complex, expensive obstacles. I think that’s true for us as providers. It’s also true for our clients. So, one of the key things that we have to do is make sure we’re creating solutions that can be integrated and incorporated into other platforms – whether they reside here at the bank or within our client’s environment.”
Overcoming AUSTRAC reporting challenges
The world has changed. The flight to digital payments, growth of new payment flows, and rise in remote working will continue to be the new normal. As consumer behaviour changes and governments continue to focus on ways to protect their citizens, bad actors will continue to find creative ways to capitalise on the evolving landscape.
Failing to adapt and prepare for change is a precursor for failure, and the penalties for getting it wrong are high. Significant fines, reputational damage, downward pressure on share prices, and the potential for personal liability are constantly on the minds of board members.
For the victims of financial crime, the implications can be even more damaging. The cost of financial crime compliance has steadily climbed year on year due to increased volume of activity, regulatory demands and prohibitive systems that result in a heavy reliance on manual processes and individuals.
But continuing to view risk and compliance programs as ‘cost centres’ is not sustainable.
To effectively meet the new regulatory changes and obligations, financial institutions will need to focus their efforts on AML/CTF compliance technology. We recommend five areas of investigation, including:
- Bringing disparate payment systems together
- Improving data quality and accuracy
- Investing in RegTech, and
- Developing AML/CTF processes
To read our in-depth recommendations, please click here to access our latest industry report, specifically investigating how to overcome these reporting challenges and future proof for what comes next.
Identitii’s compliance reporting platform helps you to automate AML/CTF transactions in a fast, safe, and secure way. To learn more about how our platform can assist with your ISO 20022 migration, click here.