Over the last decade, the cost of compliance has skyrocketed, destabilising the budgets of most of the financial giants on the market, not least the banks. Many say these costs are disproportionally high when comparing to the value that compliance should provide to a company. James Daniell, Managing Director at Alvarez & Marsal in Dubai, looks at whether the money is being spent wisely on the most suitable and robust solutions.
Historically, some banks have been hit hard with penalties by the regulators for a range of offences.
As a result, they now take compliance much more seriously, responding to deficiencies by implementing new or improved policies, procedures and solutions to handle, monitor, control and report the information within their organisations a lot more effectively and transparently.
Since in most cases the IT ecosystems are multi-layered complex environments, most stakeholders would prefer to simplify it by having a one-can-do everything, unified and centralised solution when it comes to compliance and data governance, but it isn’t cheap.
Not only that, by the time such a new unified system is implemented, which may take years in some cases, it may already be obsolete in a rapidly changing technological environment.
Another consideration is that for companies with wide-spread global operations, dispersed locations and data centres, it may not be necessary to bring all the data across into one place, and keep it constantly updated and monitored. A change in a single location can trigger an avalanche of amends not only to a centralised system but potentially also to the scattered systems that feed or rely on the centralised compliance data centre.
Perhaps by introducing dispersed ledgers and more robust eDiscovery solutions that can handle both structured and unstructured sources of information, and with addition of smart data analytics and predictive coding, a company can have full sight and control of its data and transactions without requiring a centralised solution.
It would allow a business to have dynamic dashboards, predict trends, monitor information and pin-point outliers and inconsistencies, which could be shared with no need to bring all the data into once central location for compliance purposes.
We are dealing with so-called ‘Big Data’ today, where the amount of information available in our systems, applications and transactions ledgers can be overwhelming, adding complexity and volumes, and potentially chaos, if the information is not managed properly.
Bringing all this data under one centralised solution may not even be technically possible or recommended. By introducing data analytic solutions and predictive systems, we can filter out unnecessary information.
Blockchains are a form of distributed ledgers technology and, although currently it is strongly associated with cryptocurrencies, the concept of distributed ledgers and blockchain can be used elsewhere. One example would be in cases of sharing and accessing information without the need for centralised systems or without extensive central authorisation or permissions.
Although blockchain technology is still evolving and may still be inefficient, there are companies that already implement it for their information sharing functions, and it is likely that blockchains will become even more widely used in the future.
Another answer could be centralised compliance solutions/systems combined with data analytics and e-Discovery solutions add-ons to enable predictive coding and scoring, dynamic responses, filtering, dashboarding, and machine learning; this way any compliance solution can be made significantly more efficient whilst simultaneously reducing implementation and running costs.
Alvarez & Marsal recently assisted one of the banks in the Gulf region, who introduced a sophisticated Oracle system for their KYC, transaction monitoring, anti-money laundering and sanctions’ assessment. After realising that the number of alerts generated were increasing at an almost exponential rate each month (hitting tens of thousands), and not having enough resources or budget to review those alerts, the situation quickly started becoming unmanageable.
Using data analytic techniques, we were able to rectify the issues and introduce more fluid and flexible assessment and more dynamic scenarios and thresholds that could respond to ever changing customer and transaction volumes and amounts. In the end, the number of alerts were reduced in some cases by between 50-90 per cent.
However, the historical SARs/STRs were not eliminated in the process, thus providing the assurance that the company still had a robust process for detecting suspicious activity in the future. Use of data analytics, e-Discovery and even artificial intelligence, or Data Science, should be a part of every compliance solution.
It can decrease the costs of running compliance in the long run, and it allows us to respond more efficiently to changes. Although it may involve a slight change in stakeholders’ mindset, that one of the most important aspects of doing business today is to understand that we are living in a constantly evolving environment, and there is no finish line to transformation.