We need to monitor more than just customers.
I have in the past discussed what I call Behavioral Analytics. Behavioral Analytics leverage automated comparisons between data-based predicted behaviors and customers’ actual behaviors. When combined with Rule-Based Systems, Behavioral Analytics can prevent
criminal schemes even before they begin.
So why do I predict that personnel at financial institutions will hate this blog? Because in addition to tracking customers, institutions should also use Behavioral Analytics to monitor their workers and management teams.
Did you hear all the digital doors closing? I know that no human being likes to be questioned or monitored. We tend to circle our wagons and say, “No, not here; that could never happen here.” But to protect ourselves and our financial institutions we must
come to terms with all elements of Risk. And yes, insider crime can happen--and it can happen ‘here,’ no matter where ‘here’ is.
I once experienced co-workers who were terrific person to person but who worked together to steal from the employer. To a person, we were all shocked that these kind and helpful colleagues were not only stealing from the company but were booking stolen revenue
to colleagues’ accounts.
I still believe that most everyone I work with or interact with is as open and transparent as I am. But for financial institutions and related firms, passive monitoring provides an added layer of security and of risk mitigation.
‘Trust but verify’ with passive monitoring via Behavior Analytics is not a bad thing. You are not monitoring your fellow employees or management team members. Rather, you are monitoring all risk groups for unexpected behavior. We are talking about what is
possible, which means there is in fact risk; experience usually tells us the problem behaviors are not probable, so the risk is low—but not zero. When fighting financial crime, mitigating risk provides the foundation for healthy Compliance. Passive monitoring
of all risks in money laundering must be deployed, not just customer monitoring.
And this type of passive monitoring for unexpected behaviors is a non-intrusive way of finding potentially bad Intent. Passive monitoring measures not just the ‘how’ or stated purpose but also the intent, the why. This passive monitoring will highlight
a deviation of intent from stated purpose.
With passive monitoring using Behavioral Analytics, there is no “1984”-style Big Brother, no direct monitoring of people. People’s behavior and intent are buried in the metadata of what they do. Institutions can just monitor the metadata and report concerning
unexpected behaviors--just like you do for customers now. In terms of Risk, isn’t it better to know than to hope or assume?