Many financial institutions are inadvertently slipping into noncompliance with anti-money laundering rules even as regulators turn up the heat, according to a white paper released Tuesday by PricewaterhouseCoopers.
The report argues that without vigilant monitoring and maintenance, banks can easily slide into so-called "AML drift." "At many financial institutions, inadequate attention and resources have been dedicated to maintaining and sustaining the core components of AML programs that may now have been in place for more than a decade, leading to gaps in AML compliance," the report says.
Compliance breakdowns tend to occur in three areas, according to the report: processes and updates, technology and organization.
To stay abreast of AML compliance on processes and updates, the report recommends that lenders keep an eye on the compliance issues prompting consent orders and fines at other companies. This will help them identify potential holes in their own processes. The report also recommends that lenders ensure that new products are properly accounted for in AML monitoring systems.
Technology can also be a stumbling block for AML compliance, according to the report.
"Many firms implemented AML surveillance technology systems several years ago, and they were set up as a point-in-time solution," John Sabatini, a partner in PricewaterhouseCoopers' Risk Assurance practice and leader of the firm's Advanced Risk & Compliance Analytics Services, said in a Tuesday press release. "However, the enormity of change occurring within these firms" including changes in customer behavior and product offerings "makes the initial implementation of these systems obsolete, leading firms and regulators to call for their replacement."
But much of the time, replacing these systems isn't necessary, according to Sabatini. "Organizations should re-evaluate their systems before replacing them to determine if they are configured appropriately based on recent customer activity," he said in the release. "They should then institute governance programs to inform management as to when the systems again begin to drift, causing the alerts they generate to become unproductive."
A lack of ownership over AML compliance can further contribute to AML drift, according to the report. Operations, IT, and Compliance departments can wind up squabbling over accountability, leading to a pass-the-buck mentality that leaves key compliance issues unaddressed.