This article first appeared in the summer 2018 issue of the Malta Institute of Accountant's journal 'The Accountant'
Part 1 of 2
‘Digitalisation’ has become a buzz-word in our discussions within the organisation and in external communications with our clients, regulators, suppliers and other third parties. At times, these discussions are ‘demanded’. What is the impetus of these discussions? How does this impact our operations, predominantly in relation to Anti-Money Laundering (“AML”) compliance?
Comparing a snap shot of the way business was conducted a few years (if not months) back to one taken today would bring out great differences. What changed? Over the past 20 years, one may witness enormous AML compliance shifts with increasing regulatory layers. Our firms have evolved: globalisation of businesses, the building of substantial compliance operations, changes in policies and processes, new supporting IT systems, and considerable overhead.
In relation to supporting systems, the development strides have been great. Responding to these continuing regulatory changes, organisations have built substantial operations to simplify compliance and mitigate the risks of money laundering, terrorist financing and financial crime in general. These activities have consisted of modifications to processes, research for new supporting IT systems and the development of entirely new operational areas.
There are a number of sectors where digitalisation can be seen to facilitate AML compliance. At the fore is the role of digitalisation in subject persons’ obligations of customer onboarding and ongoing monitoring. Operators tend to find this an expensive, lengthy and disruptive process. In a 2017 report detailing the findings from a study into new technologies in AML compliance by the PA Consulting Group on behalf of the Financial Conduct Authority in the UK (FCA), it resulted that the “vast majority of respondents” to the study (across all industries) were of the opinion that “customer onboarding and maintenance were two of the areas where technology offered the most promise”. Furthermore, “a number of regulated firms [made it clear that] a move to truly paperless working was a priority in the short to medium term”.
In Malta, the 2017 updates to the Financial Intelligence Analysis Unit (“FIAU”)’s Implementing Procedures (“IPs”) introduced technological alternatives for conducting customer due diligence, for example, through the use of video conferencing tools, e-IDs and other additional measures for verification of the identity details and residential address of customers and their beneficial owners. In terms of ongoing monitoring, digitalisation may also assist in improving on mapping customers’ trends, the scrutiny and filtering of transactions, together with overseeing the expiry of data and documents which subject persons are legally obliged to retain.
At the same time, subject persons are being faced with the task of standardising and facilitating a process that ensures AML compliance together with customer delivery. There is a constant drive to deliver a more efficient and appealing customer experience with least ‘disruption’. This is most evident where different subject persons form part of the same group or are assisting customers in the same transaction.
This would also tie in with the reporting obligations of subject persons in AML compliance. Without the necessary tools, employees may not be in a position to be able to detect proceeds of crime, money laundering or suspicions thereof. This may bring about a failure on the firm’s duty to report through the right channels and within the short statutory time-period. On the other hand, technology may not be seen as the be-all and end-all solution for reporting. The role of the Money Laundering Reporting Officer remains key in this process, helping to determine whether the internal report submitted does constitute sufficient information to merit the filing of a suspicious transaction report to the FIAU.
Part 2 of 2 will be published on our website on Wednesday 3rd October - stay tuned!
For further information, kindly get in touch with our Risk & Compliance team on firstname.lastname@example.org