The three steps in fixing data for the fight against financial crime

The global cost of financial crime compliance is estimated to be $213.9bn, according to Lexis Nexis’ Global Cost of Compliance 2020 report, up from $180.9bn the previous year. And this is expected to grow. The range of risks outlined by the thousand banks that were surveyed were broad, ranging from customer risk profiling and sanctions screening, to PEP identification and KYC for onboarding.

For all these elements to be conducted successfully, data quality is a vital factor. But the data challenge for banks in the fight against financial crime can seem insurmountable, as compliance legislation keeps evolving and the bar keeps getting raised. The time and cost related to getting data fit for purpose can easily swallow the annual investment spend of most financial institutions.

But viewing this as one mammoth problem is flawed, not least because many financial institutions will subsequently put off initiatives to fix these data challenges. Instead, banks, insurers, asset and wealth managers should view the data fix as a series of smaller initiatives that slot into business as usual (BAU) and don’t cause widespread disruption. Financial crime data initiatives can be split into three stages:

Stage one - ‘stopping the bleed’

The first step is to ensure you are capturing the right data for new customers engaging with your organisation. One of the first steps is root cause analysis, to really understand where the data is captured are and identify process changes to ensure key data elements are recorded. At this stage, you also identify the key data gaps, the areas where information is lacking – this might be down to a process fault, or a system gap (for example, the system isn’t keeping pace with regulatory requirements). These problems need to be ring fenced, the starting point for stage two.

Stage two - remediation

The main purpose of remediation is about understanding the person the bank is doing business with – working out the ones who have higher risk indicators. Remediation involves organising information, finding inconsistencies and working out how to fill in data gaps. This might involve ‘ring fence analysis’ to gauge the size of the problem, or training employees to ask clients for more information, for example. Remediation is fixing the problem, and understanding what you are fixing.

Stage three – fixing forward

Stage three is about learning from past mistakes and not repeating them. So a mix of preventative controls is needed. This could be a system control that would not allow an application to proceed until all fields are complete. Or it might be a process review and redesign to fix any process gaps that might have resulted in the data issue.

The data challenge in financial crime doesn’t necessarily need to be daunting. You don’t need to spend billions and put BAU on ice while you sort it out. Small wins can be gained through simple measures as part of normal working routines. You just need a smart, thoughtful approach to these three steps in fixing financial crime data. 

If you have any comments or thoughts on this, please don't hesitate to get in touch.