Community
At Bonova Advisory we interview C-suites, Influencers and Industry Thought leaders on various pining topics within Business, Finance and Technology. This week I had the pleasure of interviewing Mastercard’s Chief Compliance Officer Karen Griffin on strategies to build a sustainable financial crimes program in an era of ever increasing sophisticated financial crimes.
Karen, can you tell us a story about what brought you to this specific career path?
Itwas by accident! At the time, I was working for a technology company in a senior supply chain role. The company had a strong focus on talent development and my profile was added to the HR database. When a new lead compliance position was opened in Law, the General Counsel asked HR to identify qualified candidates. I was told the story later by HR that when they queried the database against the requirements of the role, my name popped out. I was initially reluctant to interview for the position given I am an engineer and a business professional by education. But my manager was persistent and encouraged me to interview. What I learned in the process was that the General Counsel was interested in hiring a business person in the role who understood the control environment, was process-driven and had engaged with customers — in essence, someone who knew how work gets done. I was sold, and the rest is history as I have since successfully applied my engineering paradigm to the otherwise legal compliance framework.
Can you share the most interesting story you have come across in the field of financial crimes and money laundering?
Naturally in compliance, I have come across a lot of wild and incredible stories. The one that has really stuck with me is of a senior business leader that I knew and who was arrested on allegation of having committed financial crimes. I often reflect on the consequences to this individual as I help organizations navigate the compliance landscape.
What internal controls have you set up to help your Financial Crimes Program succeed?
My focus is to build a super highway where the business can execute with confidence. I work to bring clarity on the rules of the road, speed limits and protective guardrails to untie the hands of the business to grow with confidence.
The first step is to really know the boundaries. And then Mastercard relies on a system of monitoring and testing to provide assurance in a “trust but verify” operating model. Overall our compliance system centers on three critical factors: 1) a clear set of rules 2) near real-time detection and prevention capabilities, and 3) minimizing the burden on the business to speed decision making.
We are laser focused on automation and technology solutions to drive repeatability and consistent performance, minimizing surprises.
Can you share 5 tips that others can use to help build a sustainable Financial Crimes Program?
How often do you conduct assessments about the Financial Crimes Program?
We have a continuous assessment and monitoring process that includes risk assessments, onsite reviews, ethics surveys, quality assurance, monitoring and testing, and independent audits. These assessments are scheduled and conducted in periodic intervals.
What advice would you give to aid in global monitoring for Financial Crimes?
Four key pieces of advice:
Leveraging the right technology can be key to reduce risk and increase operational efficiency within an AML (Anti-Money Laundering) program. What are some applications of technology enablements that have helped you? What would you recommend to others?
We have implemented an innovative digitized “know your customer” tool that provides near real-time updates to customer profile attributes as a critical component of our Anti-Money Laundering Program. This tool also provides updates on our state-owned entity designations in support of our Anti-Corruption Program.
We have also created a Compliance Data Mart that brings together data feeds from key corporate systems. On the front end, through data analytics, we are able to automate the data feeds to compliance tools reducing the burden on the business and increasing the accuracy of the information. On the backend, we use data mining and analytics to identity outliers. With this approach we eliminate blind spots and flag exceptions as they occur. This intelligence is web enabled — available at the touch of a finger.
You are a person of great influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. :-)
In line with compliance, I’d like to engage in a movement to create a public, private, partnership to leverage and share our collective third party due diligence information. I envision one day to have a consolidated “global clearing house” where participants could collectively populate information in a central place that would display results we each have conducted for identified third parties.
Each of us within our respective areas, conduct due diligence on third parties based on specific criteria that meets our business needs. This includes, for example, understanding the qualifications and associations of the third parties, its business reputation and relationships, if any, with government officials. Yet, each year, organizations continue to spend hundreds of thousands of dollars independently and in a vacuum to vet some of the same third parties and then additional time and resources are spent to monitor their performance and behavior. This work takes time to execute, it’s expensive and it creates friction in the business model.
The “global clearing house” would allow us to leverage information and to post updates as we learn about bad actors in real time to drive transparency. This would also send the message that we have joined forces globally, arm-in-arm, and we are on a mission to stamp out ill intended third parties.
The clearing house/inventory could be the starting point to collect baseline information and to rule out engaging certain third parties prior to initiating a costly and time consuming due diligence review in a silo. By revealing a third party’s past behavior, we can minimize exposure in the future.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
David Smith Information Analyst at ManpowerGroup
20 November
Seth Perlman Global Head of Product at i2c Inc.
18 November
Dmytro Spilka Director and Founder at Solvid, Coinprompter
15 November
Kyrylo Reitor Chief Marketing Officer at International Fintech Business
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.