Knowing the difference between a bad act and a bad actor can make the difference between incurring managed risk or, more dangerously, unmanaged risk. Certain member acts lead to risk. Transaction monitoring compares activity to originally established expectations to set a baseline for ongoing risk monitoring.
However, bad actors may not behave in an obvious manner. It is critical to contrast and distinguish the occasional bad or suspicious act to a criminally bad actor. Bad actors are often associated with criminal or terrorist elements. They may take a long time to position themselves for money laundering or fraudulent actions.
Knowing as much as is reasonably possible about members and counter-parties is increasingly important for risk management and compliance. There are situations when members and counter parties act imprudently but without malice and even without real knowledge of their imprudence.
Personal Experience
We personally encountered this recently with a relative and it became a topic of conversation when discussing elder financial exploitation with a financial institution. We can relate to mistaking a fraudulent request for funds from a person you believe to be related but turns out to be a fraudster. If the request had been fulfilled, our relative would be acting badly due to misinformation and a lack of validation on their part. However, they are not a bad actor since there was no attempt to launder money or defraud the institution or others.
When a suspicious activity is detected and you review the member's risk rating, you start to understand whether a member is a bad actor or whether it was just a bad act. You could also be dealing with a bad actor that has yet to be detected or defined — a situation that is even more difficult to detect. At this point in the review, knowing the difference becomes important. External data services helps you identify or validate the risk rating models for bad actors. "Negative news" from data services can actually be a positive. Negative news from reputable, public sources can confirm a counter-party as a bad actor. The counter-party includes both the client and any intermediary such as a money services business or offshore institution.
Recent regulatory pressure encourages financial institutions to refuse business services to a spectrum of business types based on "reputational risk." Establishing a customer or counter-party link to discouraged business types requires more thorough research and analysis beyond transaction monitoring. Recently, "Operation Choke Point", referring to choking off funding to criminals, reflects a broader effort to identify high reputational risk business types and deny them commercial and retail banking services.
It is believed that these types of businesses are highly susceptible to money laundering and fraudulent activities that put both banks and customers at risk. Community credit unions may see some of these "banned" businesses seeking money services as a natural side effect of de-risking by larger institutions. Credit unions need additional ways to spot, validate and filter high-risk prospects.
The ability to quickly triangulate our watch list, suspicious activity and publicly available data distinguishes a program. Internet search engines use very large indices built from all possible sources to answer queries. A search for an individual's name, for example, can return hundreds of thousands of search "hits." The results may also have widely varying relevance. If the search is intended to rule out negative histories or associations (e.g. criminal, terrorist) then standard Internet searches are often inefficient or ineffective — they are not focused on the investigative task.
Configuring the Search Engine
A specialized media search engine should use carefully constructed and tuned search sources. For example, it should include crime blotters from law enforcement, local and regional news services. While general social media sources are very useful for sales, marketing and customer service activities, they are not yet robust for compliance purposes and they often lack informed consent and positive identification of the counter-party. Generally available data sources often lack advanced alias testing to ensure that name variations are thoroughly interrogated. Media search engines need to do more than just simple search to validate good actors or identify bad ones.
Panel Focuses on Challenges
A panel discussion at a recent money laundering conference highlighted the challenges financial institutions face with regulators, legislators and legal groups. One of the panel leaders shared stories of testimony before Congress with his financial services clients. Congressmen asked repeatedly why his client did not know about the fraudulent activities of one of its banking or investment customers that transpired over many years. The panel leader responded that many of this criminal's closest friends and business partners were unaware of his illicit activities so how could you expect his bankers to know?
Congress, regulators and major corporate stakeholders are increasingly pursuing this line of questioning and expect to see far greater due diligence, investigation and analysis by federally insured and regulated institutions. The ability to provide a simple evidence chain documenting the process, efforts and findings helps satisfy "what are you doing about this" questioning from all stakeholders and clearly indicates the strength of the institution's commitment to compliance and preparedness.
The use of this data must be carefully evaluated and tracked to ensure an audit trail is kept used in the review. Several members of the panel audience also called out the need for tracking efforts and logging results from these searches. Documenting the way the work was performed and the logic employed was a consistent best practice theme.
Bad acts and bad actors emerge quickly. The need to provide continuous monitoring of risk and exposure points with clients and counter-parties requires more rapid change identification and alerting. As changes in information about bad actors are added to the data service, a running audit trail of those changes shows what information was available to our risk rating and analysis processes at any point in time. Confidence ratings of the search results also helps determine and communicate confidence levels both in the search results and resulting decisions. Confidence ratings also influences the sense of urgency needed for action.
Knowing the difference can make the difference both tactically and strategically. Tactically knowing the difference with precision and high levels of confidence ensures appropriate responses and reporting of bad acts and of bad actors. Strategically, knowing the difference communicates the integrity of our program in both its compliance and completeness to all stakeholders.
Dan Meers is the president and Gregory Lampshire is a partner at K2 Solutions LLC in Reston, Va., a consultancy with expertise enterprise data management, governance and other related disciplines.
