LSEG REPORT 2024

Page 1

ABOUT US

About CeFPro:

The Center for Financial Professionals (CeFPro) is an international research organization and the focal point for the global community of finance, technology, risk, and compliance professionals from across the financial services industry. CeFPro is driven by high-quality, reliable, primary market research. It has developed a comprehensive methodology that incorporates data from its global community that has been validated by an international team of independent experts.

Examples of some of CeFPro’s research include:

• Non-Financial Risk Leaders: the most comprehensive independent study of trends, opportunities, and challenges within non-financial risk

• Fintech Leaders: an international survey to assess the status of the fintech industry and provide details for informed decisions on technology and business-related matters.

To find out more, visit www.cefpro.com/research

About LSEG:

LSEG Risk Intelligence provides a suite of solutions to help organisations efficiently navigate risks, limit reputational damage, reduce fraud and comply with legal and regulatory obligations around the globe. From screening solutions through World-Check, to detailed background checks on any entity or individual through due diligence reports, and innovative identity verification, account verification and digital onboarding services – organisations can trust LSEG Risk Intelligence to help them manage their risk, so they can operate more efficiently, more effectively and more confidently. To learn more, visit www.lseg.com/risk-intelligence.

KEY INSIGHTS:

How well prepared are the risk and compliance functions in tackling new challenges? As risk & compliance professionals appear overwhelmingly concerned with fraud, emerging technologies, and evolving regulation, how can they stay resilient in the changing world of financial crime risk?

CONFIDENCE IN RISK APPROACH NOW DOES NOT APPEAR TO SUFFICE FOR THE FUTURE

52% believe their organization’s current screening and due diligence processes in identifying and mitigating risks are very/extremely effective but only 35% are very/extremely confident that their organization is equipped to tackle emerging financial crime threats and related risks.

RISK PROFESSIONALS ARE FACING NEW CHALLENGES

92% of risk professionals identify fraud as a predicate crime that will negatively affect their organization’s business.

83% feel that technological advancements and cybersecurity threats could potentially impact the success of their organization’s financial crime risk management efforts. 41% agree that the inability to keep up with complex and changing regulation is the primary challenge they face in meeting regulatory .standards.

ABOUT THE RESEARCH:

The survey of 120 risk professionals in financial services was conducted by CeFPro, in partnership with LSEG Risk Intelligence, from February 15, 2024 – April 18, 2024; interviews were conducted from April 29 – May 1, 2024. The results provide a benchmark for industry professionals within financial crime compliance, with one Senior Risk Professional from a global bank stating, ‘It’s nice to know that we are within the pack and not an outlier.’ These results provide a snapshot of the industry, including the hurdles and challenges it is facing on the horizon and the progress that stakeholders are making toward increasing the efficiency of programs.

RISK AND COMPLIANCE NEED A RESOURCE RESET

Only 47% said their organization’s overall budget for financial crime compliance efforts increased in the past year.

However, a percentage of the risk professionals revealed that they expect to see the highest increase in efforts and resources in the future in the following areas:

68% KYC screening

65% Identity verification

65% Reducing false positives

EXECUTIVE SUMMARY:

The research creates a very clear risk management narrative and can be broadly expressed in three parts:

1. The risk landscape evolves: There is an expectation, or perhaps requirement, for effort and resources used across various areas of risk management to increase. This is unsurprising as respondents cited a wide range of predicate crimes and evolving challenges threatening their organization. Fraud, cybercrime, and the speed of technological advancements were common concerns.

2. Confidence around current risk management strategy and resourcing: Overall, respondents expressed a relatively high degree of satisfaction and confidence in their ability to meet the challenge of managing and containing existing known threats and compliance issues.

3. Hesitation around successfully managing future risks: A far smaller portion of respondents were very or extremely confident in their ability to tackle emerging financial crime threats and related risks. There is a tangible concern that a potent mix of i) an increasingly demanding and fast-changing compliance and regulatory landscape, ii) dwindling real-terms budget allocation, and iii) a reduction in human and technology investment could serve to negatively impact future risk management capability.

Fraud, cybercrime, and money laundering were identified as the top three primary concerns, and only 35% of respondents were either very or extremely confident their organizations are equipped to tackle emerging financial crime risks and threats.

An inability to keep up with a fast-changing regulatory landscape (41%) and lack of manpower (29%) were seen as the primary challenges in meeting regulatory standards for screening and due diligence by respondents. This view is emphasized by the fact that less than half of respondents had not seen any uplift in the budget to address financial crime compliance challenges.

The results demonstrated that organizations are typically at different phases in their risk management approach and strategy. Further, in post-survey interviews, the interviewees identified technology as playing a key part across all phases of preparedness development, with the Head of Illicit Financial Threat at a major UK government agency and a senior risk advisory consultant highlighting the rapid evolution of new technologies as both a threat as well as a management and mitigation opportunity.

Another key feature, though not specifically focused on in the survey but highlighted heavily within the additional interviews conducted with senior risk management professionals, was that of geopolitical risk. Its direct effect on risk strategy and financial crimes was referenced continually, most notably in money laundering. This was also reflected in the survey, with 59% of respondents expecting an increase in allocated effort and resources to sanctions screening. The ongoing conflict in Ukraine appears to be a key driver for many aspects of financial crime; with updates to sanctions listed almost daily, continuous investment in effort and resources is required.

When asked about the expected effort and resources in tackling a range of areas, including KYC screening, politically exposed persons (PEP) screening, sanctions screening, third-party due diligence screening, identity verification, and reducing of false positives, there was a clear expectation of an increase in effort and resources across most areas. KYC screening showed the greatest expected increase (68%), followed by false positive reduction (65%) and identity verification (65%).

Some of the industry experts consulted in the 1-on-1 additional interviews attributed this shift in resources to meeting the demands for new technological advances within the field. They argued that as the industry is shifting towards automation to reduce manual processes and enhance team efficiency, additional focus was expected to be dedicated to financial crime risk mitigation strategies through processes and controls.

EVOLVING RISK LANDSCAPE

Innovation changing the face of predicate crimes

The survey highlighted a range of concerns that could impact the success of an organization’s financial crime risk management efforts, not just now but in the future. The top predicate crimes that respondents were most concerned with for their organization were fraud (92%), cybercrime (78%), and money laundering (70%) (Figure A). In interviews, it was flagged that these crimes are being influenced most by fast-evolving technology.

The speed of technological advancements and cybersecurity threats is significantly the leading factor of concern when it comes to respondent’s organizations’ financial crime efforts (83%, Figure B). As interviews further revealed, substantial focus is being placed by organizations on technology and cyber-related risks related to emerging threats and staying ahead of the evolving landscape, and significant work is underway to understand emerging risks and stay a step ahead of events and criminals.

It was clear from post-survey interviews that technological advancement is viewed as what one senior Treasury risk manager described as a ‘double-edged sword’. He noted that threat actors were able to utilize emerging technologies to attack organizations faster than those organizations were able to navigate the internal and regulatory compliance policies and processes that would allow their implementation as a line of defense.

Conversations with the risk professionals highlighted how organizations, regardless of how well prepared and financed they are, often find themselves operating in a reactive or ‘second-move’ way; therefore, they face greater pressures to advance their programs, both to stay ahead of developing threats, and ensure that they remain as well equipped as possible to counter existing bad actors.

Cyber security and the evolution of threats remain key risk factors, as organizations face direct financial repercussions if data is stolen or bad actors manage to defraud clients/ users; for example, organizations may be required to reimburse victims under certain scenarios. It was highlighted in additional interviews with industry experts that technology and cyber may have been the respondents’ reported concern due to the high frequency of attacks organizations are under, as well as the costly financial repercussions that each could carry.

Figure
Figure

Fast-moving compliance and regulation

Figure B demonstrates that fast-evolving risk and regulatory frameworks were reported as concerning by 59% of respondents. As the regulatory landscape continues to evolve across all subsets of financial crime, interpreting and implementing required changes are a key concern for organizations who see the speed and resources required to meet compliance challenges potentially limiting the speed of success. Indeed, 41% of respondents saw an inability to catch up with the complexity of evolving regulations as a primary challenge in meeting standards for screening and due diligence (Figure C).

This is particularly salient in the context of sanctions, where changes occur on a near-daily basis; as a result, updating systems to cope with continuous change is an ongoing task. With further changes expected as the geopolitical landscape evolves and technology continues to advance, it is likely that this field will require additional funding and attention. As established in the sections discussing budgetary and effort questions, allocating headcount, effort, and budget to advancing technology and adapting to regulatory change is vital.

The survey highlights the work that must be conducted internally to tackle the technology, cyber, and regulatory risks. Change is required to build efficiency and mitigate risk in an appropriate and proportionate way; processes and frameworks must be functional and efficient on an internal level if they are to tackle external threats successfully. Such measures will integrate risk management across the culture of the organization and help develop internal programs to mitigate evolving external threats.

Figure C. What is the primary challenge you face in meeting regulatory standards for screening and due diligence?

*Data may not add up to 100% due to rounding

CAPACITY VERSUS REALITY

The assessment of the current capacity to successfully manage existing risk has shown to differ significantly from the levels of confidence within organizations to accurately and effectively identify emerging risk.

On delving deeper into internal practices and reviewing the effectiveness of screening and due diligence processes to identify and mitigate risk, organizations were again largely positive in the ratings of their effectiveness (Figure D). Over half (52%) of respondents either saw their processes as ‘Extremely effective’ or ‘Very effective’. As many of the respondents represented large and mid-sized banks, few were expected to be in the early stages of setup, which could indicate a more advanced program with higher effectiveness.

Figure D. How effective do you consider your organization’s current screening and due diligence processes in identifying and mitigating risks?

As the industry prepares for additional events that could impact financial crime teams, the focus of survey respondents and their parent organizations has expanded into that of potential emerging risks. Figure E investigates how well-equipped organizations feel they are to tackle emerging financial crime threats and risks. Only 35% of respondents stated that they were either ‘Extremely confident’ or ‘Very confident’ in tackling emerging risks. The disconnect between current screening and due diligence vs attitudes toward emerging risks paints a picture of reduced confidence for the future.

Figure E. How confident are you that your organization is equipped to tackle emerging financial crime threats and related risks?

FUTURE-PROOFING RISK STRATEGIES

Keeping up with technology

Technology is being leveraged across all aspects of financial institutions, but interviews with risk professionals revealed one area where it was being utilized with significant impact, which was in data cleansing for the purpose of analyzing and/or investigating alerts. For example, technology can aid in aspects such as sanctions, KYC, horizon scanning, media scanning, and predictive analytics for future events. Although not specifically referenced in the survey questions, many of the industry experts interviewed highlighted technology as the avenue in which they had seen the biggest allocation of both effort and budget.

While the implementation of technologies can be expensive, the failure to increase budgets and efforts in innovation and technology could prove to be more costly in the long term. Organizations that do not advance quickly enough to stay ahead of threats and increase their efficiencies in manual tasks may end up harming their customers. Post-survey interviews expanded on this, with some interviewees also identifying an ongoing scarcity of talent and ensuring risk management functions were able to recruit and retain the most skilled employees.

Risk data challenges

The more moderate confidence levels seen in the research when considering emerging risks could also demonstrate that each organization has a different approach, roadmap, and risk appetite; risk intelligence data requirements will vary across the industry. Ensuring the accuracy and reliability of the data is a complex challenge, and only 21% of risk professionals are not very / not at all concerned with the accuracy and reliability of the risk intelligence data they use (Figure F).

These concerns over the quality and accuracy of existing risk intelligence data (Figure F), together with worries about a perceived lack of resources to manage the increasingly complex and fast-changing nature of compliance and regulatory measures, mean many respondents worry that they will struggle to ‘play catch up’ in meeting future risk challenges with effective strategies. Post-research interviews with risk professionals revealed how testing requirements on data remain stringent; without appropriate technology, data verification is a significant challenge, as are validation approaches. Organizations are increasingly relying on multiple sources to gain a complete picture; current processes often do not include less traditional data. An example was given in interviews with risk professionals of negative news scanning when onboarding customers.

Figure F. How concerned are you with the accuracy and reliability of the risk intelligence data you currently use?

*Data may not add up to 100% due to rounding

Budget and resource demands

A similar trend can be observed when considering the budget for financial crime compliance efforts in the past year generally. While a total of 47% of respondents reported seeing an increase in the budget, 39% reported that they had seen no increase (Figure G). It was observed in additional qualitative research with industry experts that even at a maintenance operation, with the sheer scale of sanctions changes alone, budget would be expected to increase to keep up and ensure compliance with the recent changes. There is a constant industry drive to build maturity, enhance automation, and develop sophisticated programs.

As the demand for efficiency and a reduction in manual intervention continues, upfront budget is required to develop programs that can be automated. It is possible that those that stayed the same, from a budget perspective, may be further along their technology journey, with systems in place to help alleviate manual load. Organizations want to stay ahead of the curve, and advancing technology is a key tool in doing so. For example, fraud was perceived as the greatest predicate crime facing respondents’ organizations in the research (92%) (Figure A). Our interviewee participants discussed how fraud prevention, as a result, has seen a large influx of budgetary resources with the introduction and development of identification methodologies such as digital recognition and facial identification. This discussion mirrors the increased expectations for resource and budget allocations for identity screening seen in Figure H, with 65% of respondents anticipating this trend.

Figure G. In the past year, has your organization’s overall budget for financial crime compliance efforts increased, decreased, or stayed the same?

*Data may not add up to 100% due to rounding

Figure H. Do you expect the effort and resources your organization allocates to tackle the following financial crime risks to increase, decrease, or stay the same?

*Data may not add up to 100% due to rounding

CONCLUSION AND KEY TAKEAWAYS:

The primary message that the survey responses send is one of concern about the future preparedness of their organizations to effectively meet and manage the challenge of emerging risks around fraud, cybersecurity, and money laundering.

Specifically, those working within the field of risk management believe that an increasingly rapid evolution of the regulation and compliance sector, together with a shortage of the manpower needed to incorporate the expected flurry of measures it will bring, remain the key threat to organizations’ ability and capacity to manage future risk effectively. As geopolitical tensions continue to spill over into compliance, the future remains uncertain. For the most part, organizations appear confident in managing financial crime risk from a practical perspective, and there is relative confidence in the ability to prepare and mitigate emerging risks and in the capacity to leverage risk intelligence data to make informed decisions.

Underpinning all of this is the drive to leverage new and innovative tools and technology to further enhance onboarding, screening, due diligence, and assessment processes, ultimately to reduce false positives and focus on identified risks. Teams continue to grapple with the changing sanctions landscape and adapting daily to new amendments in requirements, another area requiring technological advancement to increase efficiency.

The survey results show respondents anticipate an increase in budgets and resources across key risk areas in the future, highlighting a recognition as to the importance of financial crime risks. Rollout of the use of cloud and other technologies appeared slower but continued budgetary allocation is needed to ensure organizations have the tools and manpower to deliver efficient risk management programs that also meet emerging compliance and regulatory requirements.

or as trading as the Center for Financial Professionals or CeFPro®.

The facts of the Third Party Risk Management report are believed to be correct at the time of publication but cannot be guaranteed. Please note that the findings, conclusions and recommendations that CeFPro® delivers will be based on information gathered in good faith, whose accuracy we cannot guarantee. CeFPro® acknowledges the guidance and input from the Advisory Board, though all views expressed are those of the Center for Financial Professionals, and CeFPro® accepts no liability whatever for actions taken based on any information that may subsequently prove to be incorrect or errors in our analysis. For further information, contact CeFPro®.

CeFPro®, Fintech Leaders™ and Non-Financial Risk Leaders™ are either Registered or Trade Marks of the Center for Financial Professionals Limited. Unauthorized use of the Center for Financial Professionals Limited, or CeFPro®, name and trademarks is strictly prohibited and subject to legal penalties.

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.