NetPractice Exchange Fraud and Compliance Best Practice Community from Fiserv
Fiserv, Inc. 255 Fiserv Drive Brookfield, WI 53045
+1 800-872-7882 +1 262-879-5013 getsolutions@fiserv.com www.fiserv.com
Fiserv is a registered trademark. Other products referenced in this material may be trademarks or registered trademarks of their respective companies. © 2009 Fiserv, Inc. or its affiliates. 1-73-9-MS FIS Fraud & Compliance July/August 2009 NetPractice.
+31 70 452 5448 netpractice@fiserv.com www.netpractice.fiserv.com.
July August 2009 Volume 3 Number 2
The Next Wave of Check Fraud: Are You READY? Page 4
Cover Payment Messages in Cross Border Wire Transfers Will Intermediary Banks Carry the Burden of Necessary AML Investments? Page 16
NetPractice Exchange This magazine is published three times per year and is a publication by Fiserv for NetPractice members and others interested in NetPractice or Fraud and Compliance Solutions.
10 Reasons to Join NetPractice: A chance to interact with other AML and fraud detection experts
NetPractice Advisory Board Florisela Bentoera, CAMS, Manager Compliance and AML Operations, RBTT Dutch Caribbean, Curacao, Netherlands Antilles
1.
Tom Firnhaber, Director of Compliance, NetSpend, Austin, TX, USA
Not a NetPractice member yet? NetPractice is an online Fraud and Compliance Solutions user community that develops, delivers and supports innovative services and resources that helps its members improve the way they control the risks associated with financial crime management and compliance initiatives. To become a member, please visit www.netpractice.fiserv.com.
Deborah King, CAMS, VP Director AML Investigations, Citizens Financial Group, Medfort, MA, USA Saskia Rietbroek, CAMS, Financial Crime Advisor, Fiserv Fraud and Compliance, Miami, FL, USA (Chair) Cindy Shelton Ryan, CAMS, Compliance Officer, Bank-Fund Staff Federal Credit Union, Washington D.C., USA Aleksejs Truhans, IT Development, Parex Banka, Latvia
Poll Question and Results How frequently do you update country risk profiles for purposes of monitoring for suspicious activity? Once per month ......24% Once per quarter .....44% Once per year ..........32%
32%
24%
Once per month
Once per year
Fiserv is a registered trademark. Other products referenced in this material may be trademarks or registered trademarks of their respective companies. © 2009 Fiserv, Inc. or its affiliates.
NetPractice Exchange
3. 4.
5.
6.
7.
8.
Get immediate online access to dedicated tools and resources to enhance performance, streamline processes and reduce costs Enhance your anti-money laundering and fraud investigation skills so you can take yourself to a new professional level Get continuous access to an international network of other users of our solutions to ensure up-to-date knowledge and expertise in using monitoring techniques Receive insight into the latest anti-money laundering and anti-fraud initiatives
9.
Get involved! NetPractice is a rewarding way for you to share your expertise while meeting new people and making new contacts around the world 10. Get ACAMS continuing education credits for selected NetPractice webinars
Event
Location/Website
Date
Fiserv Fraud and Compliance Webinar: “How to Efficiency Manage Money Laundering Risk with Slashed Budgets”
www.netpractice.fiserv.com
June 3, 2009
American Bankers Association Regulatory Compliance Conference
Orlando, Florida www.aba.com/Events/RCC.htm
June 7 – 10, 2009
Fiserv Fraud and Compliance Client Conference 2009
Amsterdam, The Netherlands www.netpractice.fiserv.com/user_ group_event_2009.aspx
June 10 – 11, 2009
7th Annual Money Laundering and Financial Crime Conference
London, United Kingdom www.cityandfinancial.com
July 5, 2009
20th Annual ACFE Fraud Conference
Las Vegas, Nevada www.fraudconference.com
July 12 – 17, 2009
Fiserv Fraud and Compliance Webinar: “ATM and ACH Fraud”
www.netpractice.fiserv.com
July 30, 2009
8th Annual International ACAMS Conference
Las Vegas, Nevada www.acams.org
September 30 – October 2, 2009
AFP National Convention
San Francisco, California www.afponline.org
October 4 – 7, 2009
American Bankers Association Money Laundering Enforcement Conference
Washington, D.C. www.aba.com/Events/MLE.htm
October 11 – 13, 2009
Once per quarter
Marketing Coordinator: Roos Goosen This newsletter is for general information purposes only. The views expressed in this newsletter are not necessarily those of Fiserv, Inc. Fiserv has taken all reasonable measures to ensure that the material contained in this newsletter is correct. However, Fiserv offers no warranty and accepts no responsibility for the accuracy or the completeness of the material. In publishing this newsletter, neither the authors nor Fiserv are engaged in rendering legal or other professional advice.
2.
Online member community of thousands of peers using Fiserv Fraud and Compliance solutions for fast real-world problemsolving and idea sharing Watch online videos with step-by-step instructions about how to best use our solutions Receive monthly training on solutions, compliance strategies and financial crime Receive NetPractice Exchange: a print newsletter with thought leadership articles, news and best-practice techniques for improved risk detection and management
Calendar of Events
44% NetPractice Staff Director: Stanley Harmsen van der Vliet, CAMS
NetPractice is a highly specialized service that focuses on the specific needs of one niche group: financial crime professionals who work with Fraud and Compliance Solutions technology from Fiserv. NetPractice’s value and advantage lie in its focused best-practice information, its dedicated services and its commitment to enriching the professional lives of its members. NetPractice combines our technology with the human element, an online user community to enrich the professional development, learning, connectivity and the professional lives of the members through the sharing of knowledge.
NetPractice United States of America 255 Fiserv Drive Brookfield, WI 53045 Phone: +1 262-879-5000 Toll Free: +1 800-872-7882 Fax: +1 262-879-5013
Our next poll question is:
Europe Loire 200-202 2491 AM, The Hague The Netherlands Tel: +31 70 452 5448 Fax: +31 70 452 5444
Cast your vote at: www.netpractice.fiserv.com.
With what percentage has your financial institution’s AML/fraud detection budget been cut because of the recession?
netpractice@fiserv.com www.netpractice.fiserv.com
July August 2009 Volume 3 Number 2
July August 2009 Volume 3 Number 2
NetPractice Exchange Page 21
The Next Wave of
Identity Theft and
Cover Payment
Check Fraud:
Identity Fraud:
Messages in Cross
Are You Ready?
How to Protect Your
Border Wire Transfers
Page 4
Financial Institution
Page 16
Page 10
Table of Contents Word from the NetPractice Director _ 2
Identity Theft and Identity Fraud:
Cover Payment Messages in Cross
How to Protect Your
Border Wire Transfers: Will
Financial Institution __________ 10
Intermediary Banks Carry the Burden
NetPractice Up-to-Date _________ 2
of Necessary AML Investments? _ 16 Competencies in a Changing World
NetPractice Member List________ 3
of AML – Next-Generation Money
Hot Docs and Downloads ______ 18
Laundering: How to be Prepared _ 11 The Next Wave of Check Fraud: Are You Ready? ______________ 4
Financial Crime News from NetPractice Advisory Board Member
Around the World ____________ 19
In the Spotlight – Interview with Tom Firnhaber ___ 12 New Rule on International ACH
10 Reasons to Join NetPractice __ 21
Transactions: How Will It Affect You? _________________ 6
The Emergence of Financial Crime Management Technology ______ 14
Calendar of Events ___________ 21
Fraud and Compliance – Outsourcing AML: The ASP
Featured Functionality: AML Manager
Alternative _________________ 8
‘Add Risk View Condition’ ______ 15
July August 2009 Volume 3 Number 2
NetPractice Exchange
Word from the NetPractice Director You have properly noticed that this edition of our magazine is orange again. The new Fiserv orange is part of a complete make-over of our core branding strategy. In February, Fiserv launched a new market approach and brand identity that signals our commitment to leading the transformation of financial services technology — representing a significant milestone at the company’s 25-year anniversary.
Stan Harmsen van der Vliet Director NetPractice Stan Harmsen van der Vliet is Director of NetPractice, a best-practice user group community for Fraud and Compliance Solutions. Stan is based in The Hague, The Netherlands.
We are very pleased that Fiserv has decided to choose orange as our new brand color. Not only because we love orange but also because the color orange stands for innovation, which matches perfectly with our own mission statement to develop, deliver and support innovative services and resources that help our members improve the way they control the risk associated with financial crime and compliance initiatives.
In this issue of the NetPractice Exchange magazine we take a closer look at the next wave of check fraud and AML risks in the interbank world such as correspondent banking and ACH networks. How do you deal with these different banking environments and how can you keep oversight of all these incoming and outgoing transactions flows? Secondly, what are the benefits and concerns of outsourcing AML activities outdoors? Is ASP the answer to today’s cashstrapped needs? And finally, I would like to give my special thanks to our new NetPractice Advisory Board Member Tom Firnhaber of NetSpend for sharing his experiences with AML in the card processing arena. Read more about NetSpend’s experience in the Advisory Board Member Spotlight and watch the video interview on www.netpractice.fiserv.com/netspend.aspx.
NetPractice Up-to-Date
For those who have missed any of these
For more information or instructions on
well-received webinars, NetPractice
how to use some of the NetPractice
Stay Up-to-Date with the NetPractice Video/PodCast Library
gives the opportunity to watch any of the
advanced website features, please take
previous presentations. Take for example
a look at our tutorial video on the “New
Did you know that every webinar given
Celent’s “AML Trends to Watch Out For:
Members Start Here” page on the
2008 - 2010” or “The Next Wave of Check
NetPractice website (www.netpractice.
Fraud: Are You Ready?” You can simply
org/New-Members-Start-Here.aspx).
at NetPractice is now available online and ready for you to watch at any time?
go to the “Training Program” section on the NetPractice website, and click on the
Since our start in June 2007, the
“Webinars” archive option to view all the
NetPractice team has organized monthly
available recordings.
presentations with several experts in the AML and fraud prevention industry.
You can even download a copy of the
Independent senior analysts like Neil
Powerpoint slides, white papers and
Katkov, Mayiz Habbal, Jacob Jegher, and
other relevant documents. If you own an
also our own financial crime advisors
iPhone, there are also recorded versions
Saskia Rietbroek and Erik Stein, have
available to download for your iPhone or
contributed to these webinars.
iPod Touch.
NetPractice Exchange Page 2
July August 2009 Volume 3 Number 2
Meet and network with your fellow NetPractice members. Visit www.netpractice.fiserv.com to see the full member directory: thousands of people worldwide!
Americas United State of America 1st Bank Oklahoma 1st CU of Gainesville 1st Source Bank Athol-Clinton Co-operative Bank Bancorp South Bank of America Bank of Hawaii Bank of New England Bank of New York Bank of Oklahoma Bank of the West Bank Plus Bank-Fund Federal Credit Union Barre Savings Bank Beverly Cooperative Bank Branch Bank and Trust Calyon Financial Inc. Central Bank Central Pacific Bank Chicopee Savings Bank Citicorp Data Systems Citizens Business Bank Citizens Financial Group City National Bank Comerica Bank Commerce Bancshares Commerce Bank Compass Danvers Savings Bank DFCU Financial Federal Credit Union Encore Bank Federal Trust Bank Fidelity Bank Fifth Third Bank Financial Center Federal Credit Union First AmeriCanada Bank Group First Arizona Savings First Charter National Bank First Citizens First Citizens Federal Credit Union First Federal Bank of North Florida First Federal Savings Bank of Iowa First Federal Savings Bank First Interstate Bank First Merit Services Division First National Bank of Omaha First Personal Bank First Premier Bank Florida State University CU Franklin Bank Frost National Bank
July ď ¸ August 2009 Volume 3 ď ¸ Number 2
GCF Bank Greenfield Savings Bank Guaranty Federal Bank Hancock Bank Harris Bank Harris Trust and Savings Bank Hibernia National Bank Higher One Home Savings Bank HSBC Bank USA Hudson United Bank Huntingdon Savings Bank Huntington Bancshares InsurBanc International Bank of Commerce Investment Savings Bank J.P. Morgan Chase Manasquan Savings Bank Manufacturers Medina Savings and Loan Assoc. Mellon Merchants Bank Merrill Lynch Metropolitan National Bank Miami Savings Bank Millbury Federal Credit Union Montecito Bank and Trust Mutual of Omaha Bank National City Corporation NBT Bancorp NetSpend New Peoples Bank, Inc. NewAlliance Bank Newton Federal Bank North Akron Savings Bank North Dallas Bank and Trust Company North Fork Bank North Shore Bank. Northern Trust Company Panther Community Bank Platinum Community Bank PNC Bank Provident Bank QCR Holdings Inc. RBC Centura Bank Regions Financial Corp Reliance Savings Bank Riggs National Bank Savings Bank of Hegewisch Security Savings Bank Silicon Valley Bank Sovereign Bank State Bank of Long Island Stephens Federal Bank Sun West Bank
Sunset Bank and Savings Sunshine State Federal Savings SunTrust TCF Financial Corporation Texas Capital Bank Texas State Bank The Pittsfield Cooperative Bank TowneBank UMB Bank Umpqua Bank Union Bank of California Union Building and Loan Savings Bank United Roosevelt Savings Bank US Bancorp Valley National Bank Wachovia Washington Mutual Wells Fargo Bank West America BanCorporation West Coast Bank Whitney National Bank Canada ATB Financial Bank of Montreal Canadian Imperial Bank of Commerce National Bank of Canada Royal Bank of Canada Sun Life Toronto Dominion Bank Jamaica First Caribbean International Bank Suriname DSB Bank
Ireland Bank of Ireland Latvia Parex Banka Rietumu Banka Luxembourg RBC Dexia Malta Bank of Valletta Netherlands Credit Europe Bank Friesland Bank ING Group Triodos Bank Van Lanschot Bankiers Portugal Banco Espirito Santo Sweden SEB Group Lansforsakringar AB Switzerland Amas Bank United Kingdom Abbey Adam and Company Allied Irish Bank Bank of Scotland Barclays Bank PLC Close Private Bank Lloyds TSB Bank Nationwide Building Society Saffron Walden
Trinidad and Tobago First Citizens Bank RBTT Bank
Asia
Europe
Kuwait Kuwait Finance House
Andora Banca More Belgium Dexia Group Cyprus Bank of Cyprus Emporiki Bank Hellenic Bank Laiki Bank Universal Bank
India Bank of Baroda
Oman Bank of Muscat Philippines Bank of the Philippines Islands United Arab Emirates Emirates NBD
Africa Mauritius Mauritius Commercial Bank
France AXA Banque
Morocco Credit Immobilier et Hotelier
Greece Aspis Bank
South Africa FirstRand Bank Limited
Guernsey Credit Suise Trust
NetPractice Exchange Page 3
The Next Wave of Check Fraud: Are You Ready? by Erik Stein, CRP, AAP, CAMS
Erik Stein is Vice President for Solutions Architecture for Fraud and Compliance Solutions at Fiserv. The United States is in an unprecedented economic crisis with every day seemingly bringing a new barrage of bad news. With increasing financial institution failures, the crisis has put the remaining institutions on the defensive focused on managing through liquidity issues, mounting credit losses, massive numbers of foreclosures, rising consumer unemployment, declining consumer confidence and slowing economic growth. The focus of financial institutions, if I can generalize, is on survival rather than on business as usual. So where does that leave normal day-to-day operations such as fraud detection, prevention, investigation and mitigation: taking a back seat in this crisis. Fraud prevention and detection spending has always tended to be reactive to significant negative changes in fraud trends. This crisis won’t change the general belief that short of a drastic change in losses (which trails the actual increase
NetPractice Exchange Page 4
in events by as much as six months
concerned about checking account
or more), little new spend in these
(DDA) fraud (check and debit card)
times is likely forthcoming for fraud
regardless of what they may be
prevention. Criminals have learned that
using today for detection and
fraud prevention spend trails losses
prevention. So why are bankers
and have used this time and time again
so worried about DDA fraud?
to their advantage. They view this as a weak link in financial institutions’ armor
Based on the Risk, Loss & Mitigation
and quickly seize upon and exploit it.
Survey conducted by McKinsey, DDA fraud results is an estimated at $5
The dynamics of the market are
billion to $7 billion (which I think is
between a few very large banks, many
actually understated) in losses annually
relatively small banks and not much in
and is growing at 7 percent, which
between. This also creates a shifting
represents two-thirds of the losses
focus by financial institutions who are
with credit cards representing almost
involved in acquisition and merger
all of the remaining.
activity. During merger integration, financial institutions’ focus shifts from
It may be interesting to note that
everyday activities to the integration
credit cards are a much smaller
efforts; customer service and retention;
percentage perhaps because of
transition training; system, process,
the use of sophisticated fraud
policy and department changes; to
detection analytics covering 90
most everything but business as usual.
percent of the cards issued in the
This creates an opportunity for thieves
U.S. Delivering more sophisticated
to capitalize on the financial institutions
solutions correlates to decreasing,
looser policies and practices to keep
or perhaps only shifting, losses and
customers happy, to wreck havoc on
there is a perceived gap by financial
the loss numbers. Attempts go up,
institutions in their anti-fraud arsenal.
focus goes down, and losses go up. Bankers have every right to be worried Based on a study commissioned
if you look at the signs from the 2007
by Fiserv, banking clients are very
ABA Deposit Account Fraud Survey.
July August 2009 Volume 3 Number 2
Figure 1: Total U.S. Bank Check Fraud Losses 1200
the incidence of SAR filings to the
2003 and 2006 to $969 million, almost
reported ABA Deposit Account Fraud
doubling from nine years ago (see
Survey results during the corresponding
Figure 1).
periods. In doing so we discover a substantially smaller increase (as a
969
1000
43% 800 (in millions)
Losses climbed 43 percent between
698
679
600
percentage over the prior period) in
ABA Deposit Account Fraud Survey,
SAR filings than in survey responses in
we see that bankers have self-reported
677
significant improvements over the
512
400
If we take a look again at the 2007
survey years in loss avoidance, which is the amount of attempts that have
200 0
been stopped. In the latest survey, 1997
1999
2001 Years
2003
survey participants showed that
2006
they stopped 92 percent of the fraud attempts (by value) (see Figure 2). One
Source: ABA Deposit Account Fraud Survey Report, 2007
of the concerns should be whether bankers can actually improve on a 92 percent aversion rate. The higher the
Figure 2: Loss Avoidance Rates
aversion rate becomes, the harder each
14,000 Avoidance %
92%
12,000 10,000
■ Loss Avoidance ■ Actual Losses
(in millions)
8,000
11,239
6,000
88% 84%
4,000 2,000
0
69% 57% 679 512
1997
3533
4823
most periods. There may be a variety of reasons for these disconnects but if we focus on the final period, 2006, we find a fairly strong correlation between SAR filing increase and increasing losses. This continues to add substantiation to increasing check fraud levels even before the current market turmoil. In the same period that losses on checks went up 43 percent as shown
successive aversion becomes.
in the ABA Deposit Account Fraud
It is important to look at the increasing
Fed, went down by over 4 percent (see
Survey, check volume, according to the
attempt rate over the survey periods
Figure 3). With check usage expected
for some insights. Back in 2006,
to continue to decline in future years,
before the economic crisis, before
the increasing incidence of check fraud
the mega-mergers, before the
in a decreasing volume of checks is
shifting focus, the increase in fraud
indeed a worrying trend.
attempts between 2003 and 2006
1521 679
698
677
969
1999
2001 Years
2003
2006
Source: ABA Deposit Account Fraud Survey Report, 2007
was a whopping 122 percent. The
Be sure to read the next issue of
trend was already showing significant
NetPractice Exchange to see what
upward momentum. While not directly
you can do to prepare for The Next
correlative, it is interesting to compare
Wave of Check Fraud.
Figure 3: Change in Payment Types Change in Payment Volumes (in billions)
2003
% Change
2006
annual
Total Non-cash Payments
81.4
93.3
11.9
Checks
37.6
30.8
-4.1
• Paper
37.3
30.6
-6.7
• ACH
0.3
0.2
2.2
Debit Card
15.6
25.3
9.7
• Signature
10.3
16.0
5.7
• PIN
5.3
9.4
4.0
19.0
21.7
2.8
8.8
14.6
5.8
• Debits
4.2
8.6
4.5
• Credits
4.6
5.9
1.4
Credit Card ACH
Erik Stein is Vice President for Solutions Architecture for Fraud and Compliance Solutions at Fiserv, where his responsibilities include helping to guide product direction, positioning and configuration to meet the needs of more than 16,000 Fiserv clients around the globe. He also provides presales consulting expertise and deep domain expertise across a variety of fraud disciplines. His background includes both broad and deep (more than 30 years) experience in retail banking managing operations, compliance and risk for financial institutions.
Source: Fed Payments Study, 2007
July August 2009 Volume 3 Number 2
NetPractice Exchange Page 5
New Rule on International ACH Transactions: How Will It Affect You? by Saskia Rietbroek, CAMS
Depository Financial Institutions
obligation to investigate possible hits.
(ODFIs) will both be affected.
On the other hand, an ODFI acting as
If your financial institution is part of
a gateway operator does have OFAC
the Automated Clearing House (ACH)
Depending on your role in the ACH
Network then you need to be prepared
process you will have to:
OFAC Screening Indicators
for a new rule regarding international ACH transactions (IAT).
• Establish a written OFAC compliance policy for handling IAT transactions
The IAT rule, passed by NACHA at
and meeting OFAC compliance
the request of the Office of Foreign
obligations, if you are an RFDI.
Assets Control and in accordance with
• Train your staff on IAT changes,
the Paris-based Financial Action Task
educate your originators on their
Force’s Special Recommendation VII
obligations under the rule, determine
on international wire transfers, changes
if you have originators that are
the format in which international ACH
currently originating international
transactions are sent. It mandates that
ACH transactions, and establish a
all cross border transactions be labeled
written OFAC compliance policy, if
with a special code – IAT. NACHA
you are an ODFI.
says that this designation will help institutions in their OFAC compliance and money laundering duties by
compliance duties.
Gateway Operators
Once the gateway operator screens the IAT, they have the option to fill in Field 10 of the corresponding transaction information called an OFAC screening indicator. If a “0” is in this field, this indicates that there has not been a hit and if it is filled with a “1” then this means that it is a possible OFAC hit. Field 11 is another OFAC screening indicator that can be used by a third party service provider. It is important to note that NACHA guidance states that even if this
Any financial institution or ACH
field has been filled in by a gateway
operator can be a gateway operator,
operator, the RDFI is still responsible
which is a transaction’s entry point to
for compliance with OFAC regulations
or exit point from the United States.
— therefore it recommends screening
Under the IAT rule, gateway operators
the transaction even if there is a “0” in
give a transaction the IAT code if
that field. Also, the compliance burden
they are entering or leaving the U.S.
is still on the RDFI if they use a third
They must also screen international
party service provider to screen for
transactions against OFAC sanctions.
OFAC, so it is in your institution’s best
Receiving Depository Financial
However, if an ACH operator is acting
interest to ensure that your vendors are
Institutions (RDFIs) and Originating
as a gateway operator they have no
fully compliant with OFAC.
adding transparency to international transactions. It also orders that these transactions must include “travel rule” identifying information, even if they are under $3,000 — the current Bank Secrecy Act threshold.
How Will This Affect You?
NetPractice Exchange Page 6
July August 2009 Volume 3 Number 2
Travel Rule The other big change that the new NACHA IAT rule brings is the addition of the BSA “Travel Rule” information to these transactions. Currently this is only required for wire transfers over $3,000, but the new rule requires this information to accompany all IATs. The “travel rule” information is meant to help institutions in investigating possible suspicious transactions that may indicate money laundering or terrorist financing and includes this data: • Physical address and name of the originator and beneficiary • Originating bank, correspondent bank, and receiving bank name, branch country code, and identification number
OFAC Compliance It does not matter if you are an RDFI or an ODFI, your institution is still responsible for OFAC compliance. So are your third party service providers and respondent/correspondent banks. This means that they all must screen IATs against OFAC Specially Designated Nationals lists, which means review all parties and remittance data in the IAT transactions and review all parties to the return item transaction.
Making Sure You Are Ready If you have not started preparing for IAT, you need to start. Here is a short list of tasks that will help you get ready: • Educate yourself with the IAT rules. Currently, some of the international ACH entries within the ACH network look like domestic entries and are
•
• •
• • •
identified with the existing Standard Entry Class (SEC) codes such as PPD, CCD or CTX. However, in the future it may be appropriate to identify the entries with the IAT code based on the international ACH definition. Implement an OFAC policy for both origination and receipt of IAT transactions Review agreements with originators and vendors to ensure IAT compliance Check all originators against possible IAT scenarios to determine if any of the scenarios cause your organization to become a gateway operator Train appropriate staff on IAT requirements Ask vendors if they are ready for IAT Perform tests with vendors, ACH operators, correspondent banks and customers
Money Laundering Indicators and Customer Due Diligence In addition to compliance with the above mentioned rules, financial institutions should also realize that ACH transactions can be used in the layering and integration stages of money laundering. With ACH transactions there are few opportunities to review individual transactions for suspicious activity because they are highly automated, and often processed in batch mode. Because of this, the quality and amount of due diligence performed on customers (merchants) that utilize ACH transaction service becomes very important. In line with the risk sensitive approach, the focus for monitoring transactions for money laundering control purposes, should be on transactions and merchants that are higher risk for money laundering.
Examples are: • Transactions involving foreign financial institutions in jurisdictions with strict privacy and secrecy laws or those identified as high-risk • Domestic transactions when the merchant is based in a foreign country or that are initiated by an international messaging system • Transactions involving high dollar or volume amounts • Transaction on behalf of originators located in a foreign high-risk jurisdiction • Transactions originating without face-to-face interaction • Customers generating a high rate or volume of returns or unauthorized transactions • Duplicate or fraudulent ACH transactions • Transactions not commensurate with the business profile of the merchant • Merchants that are classified as higher risk for money laundering When monitoring ACH transactions for suspicious activity it is important to keep these red flags in mind.
Saskia Rietbroek is Financial Crime Advisor for Fraud and Compliance Solutions at Fiserv. From 2001-2005, she was the founding Executive Director of the Association of Certified Anti-Money Laundering Specialists (ACAMS). She is partner at www.nomoneylaundering. com, and chairs the NetPractice Advisory Board.
Sources • International ACH Transaction (IAT) Frequently Asked Questions, Federal Reserve Financial Services http://www.frbservices.org/help/fedach_iat.html#a5 • International ACH Transactions (IAT) Frequently Asked Questions, NACHA http://www.nacha.org/IAT_Industry_Information/docs/IAT%20FAQs%202%204%2009.pdf • IAT – Not Just Another SEC Code. Is your Organization Ready? NACHA http://prodevmedia.com/handouts/MPX/11.pdf
July August 2009 Volume 3 Number 2
NetPractice Exchange Page 7
Fraud and Compliance Outsourcing AML: The ASP Alternative by Richard McCarthy
package for the customer (giving them the best technology functionality they need), and the second is ensuring the data can be organized and fed into the AML application in the right way.
While most banks are not yet attracted to outsourcing their entire AML operations, the notion of outsourcing the AML technology needed to support their processes is proving far more attractive. With limited resources and the need to reduce operational costs, smaller banks in particular are looking at the Application Service Provider (ASP) alternative.
The right package: Beware of the “vanilla” ASPs who state they cover all your AML technology needs at a very low price. All too often, their support for functional areas such as list matching, for example, is very limited.
As banks have learned over the last few years, complying with laws such as the Bank Secrecy Act, USA Patriot Act, or laws issued under the 3rd EU Directive, can be a costly and time-consuming business. Hosted AML solutions appear attractive in their promise to deliver comprehensive AML and customer due diligence (CDD) solutions that cut costs while meeting regulatory requirements.
Similarly, their detection techniques might be quite primitive, allowing support for rules-based detection, but being poor in other areas such as monitoring customer behavior, link analysis or dynamic profiling. The important thing is to go for an AML vendor with a modular offering so that you can pick and choose the functionality you need.
The Main Challenges In many ways, the biggest challenge for hosted AML solutions is no different to in-house ones. The implementation of hundreds of AML projects at Fiserv has taught us a number of major technology lessons. The first is providing the right
NetPractice Exchange Page 8
Our experience of AML projects shows that one of the most critical factors is finding and mapping the data needed for AML detection. While data review projects are nothing new for most banks, AML projects routinely uncover new problems with the quality of the data. Banks will often find their customer data is incomplete or lacking, and the AML project is often one of the catalysts for the banks to get their data quality correct.
An application service provider (ASP) is a business that provides computer-based services to customers over a network. Software offered using an ASP model is also sometimes called On-demand software or software as a service (SaaS). It is a model of software deployment whereby a provider licenses an application to customers for use as a service on
Organizing and importing the data: In many cases, banks just do not allow their data to be duplicated or placed outside their own security environment. This is often the main objection to looking at AML ASPs, but some alternatives do still exist.
demand. SaaS software vendors may host the application on their own web servers or download the application to the consumer device. (Source: Wikipedia)
July August 2009 Volume 3 Number 2
7 Key Points in an AML Hosted Solution
The 7 Key Points to Look for In an AML Hosted Solution 1. Trust: Ultimately, it all boils down to trust, not technology. Ensure the service provider you are looking at clearly takes “risk management” very seriously. This should be reflected not only in the services and technology it offers, but in its product strategy, too. Find out if the vendor is a company that you can treat as a partner in helping you out beyond the first implementation project. 2. Proven: Look for a vendor with a proven track record. Can the vendor provide evidence of having a number of AML ASP projects rolled out successfully? Can they provide references that you can contact? Is the vendor recognized by any of the analysts who advise on the best AML technology solutions? Is the vendor endorsed by other respected authorities? 3. Better Detection: Look at the detection capabilities of the AML technology they offer. Look for detection capabilities that extend beyond rules-based detection, and includes behavioral profiling, peer grouping, dynamic risk scoring, link analysis and watch-list filtering. All these detection capabilities help ensure you can reduce false positives and detect money laundering more efficiently
July August 2009 Volume 3 Number 2
4. Strong Data Integration: Look at the ways data can be entered into the AML application. If the vendor you are looking at is a major provider of outsourced and in-house core banking solutions, and you are already their customer, consider this a very strong plus. They will already be managing your data and will have the knowhow of how best to get it into the AML application. 5. Reduced Complexity: Be cautious in selecting vendors who normally target tier-1 banks. Their offering and technology are often ill-suited to the needs of an ASP environment. Ensure the vendor has a modular product, allowing you to select just the modules you need. At a later stage you can buy additional modules when you need them. 6. Education: Ensure you are not left in the dark in knowing how to use the AML application you are being offered. Mature service providers should go as far as providing online help services not just about the products they promote, but on improving AML detection as a whole. 7. Best Practices: Look for a community of users that deploy the same AML package. Can you reach them to interchange experiences and challenges you are facing? Mature service providers will offer an on-line community portal where customers can attend webinars and exchange best practices.
Current Trends The hosting of AML technology is increasing in popularity, especially in the U.S. Expect this to expand
into Europe and Asia, and for AML outsourcing to become a viable alternative to in-house compliance projects. Several major financial institution outsourcing firms in the U.S., such as Fiserv, have acquired AML software vendors. They are well positioned to offer outsourced AML technology and services to their customers. These firms have hundreds of banking customers, and have strong credibility and trust from the banking world. New start-up companies are also now offering AML hosted services. Acceptance of outsourcing AML technology and services is growing. Even major banks are outsourcing their AML technology, and a smaller number are beginning to outsource their compliance operations. The major objection appears to stem from data security issues among the banks concerning their accountability for a function over which they may cease to have day-to-day control. As more and more AML technology is hosted by ASPs, these objections, while still there, are diminishing. For all the challenges and hurdles still to be faced in hosted AML solutions, it is clear that it has many benefits, including reducing operational costs. At a time of financial uncertainty for the banks, this in itself is a strong indicator that AML application service providers are here to stay and offer a viable alternative to in-house solutions. Richard McCarthy, Vice President of Product Marketing at Fraud and Compliance at Fiserv, is responsible for the strategic positioning of Fraud and Compliance solutions. He is Chairman of the Fraud and Compliance Product Advisory Council (PAC) at Fiserv.
NetPractice Exchange Page 9
Identity Theft and Identity Fraud: How to Protect Your Financial Institution
by Steven Schaeffer, CAMS
Steven Schaeffer is AVP Product Management, Global Fraud Solutions for Fraud and Compliance Solutions at Fiserv. Identity theft and identity fraud sound very similar in that no one wants to be a victim and institutions want to prevent both from happening in their businesses. It is important to look at the two categories individually in order to develop strategies around how to prevent and identify both situations. Identity theft occurs when someone wrongfully obtains another person’s identifying information like name, address, Social Security number, date of birth or phone number without permission. Identity fraud is using wrongfully obtained identity information as the means to conduct fraud for economic gain.
NetPractice Exchange Page 10
•
How does identity theft occur? There is a myriad of ways to obtain personal identification. This can range from very basic, well-used means to technologically advanced methods often left to the creativity and uniqueness of the criminal. A few (very few) examples include: • Common or traditional methods such as stealing a wallet or purse, taking mail or financial records from a mail box or trash • Public record websites which house information such as drivers license information, professional certifications, real estate records,
•
•
•
divorce records, licensing information Insider fraud can include removal of customer and employee files by an employee with access Computer hacking, such as trojans, allows the criminal to take control of a user’s computer and monitor or search for personal information Fictitious jobs offers present a great opportunity to which a job seeker provides personal information as well as employment history and salary Social networks are targets of identity theft worms. When an infected friend sends a message or link to another contact in their network the worm is unknowingly attached and then searches the new computer for personal information that can be used in identity theft or fraud. The worm can be attached to every message or link and the
July August 2009 Volume 3 Number 2
problem is perpetuated among trusted contacts.
Transaction activity: As transactions
Prof. Dr. Eddy Vaassen RA
pass through an account patterns are
Maastricht University The Netherlands
established. Monitoring for deviations
How is identity fraud perpetrated after the identity theft occurs? Once the identity is obtained there are a variety of methods to conduct identity fraud. • New checking account fraud: The identify thief may open a new checking account and use it for a brief period of time for various types of fraud (deposit fraud, check kiting, Internet purchases, etc.) • Account takeover (existing account): An existing customer’s account may be taken over by changing the address in order to prevent correspondence to the legitimate owner, providing a longer window of time to conduct fraud
is important to identify actions of identity theft. For example, if we see sudden increases in deposits (new relationships) and subsequent withdrawals the account may be in the process of a take-over.
Competencies in a Changing World of AML
Non financial events: While analyzing
Next-Generation Money Laundering: How to be Prepared
transaction activity is important, monitoring non-financial activity is also highly important (and often overlooked). Events such as address changes, card orders, location where an account was opened, return mail, death notifications, additional account holder added, change of beneficiary, are valuable pieces of information. When non-financial activity and transaction activity are monitored together, identity theft patterns become easier to identify.
• Credit card fraud: The victimized identity is used in the completion of credit card applications, with the card going to a new address • Deceased victim fraud: The identification of deceased individuals is used to open accounts, cash bogus checks, cash stolen government checks, etc. • Loan application fraud: Auto, personal, home, and home equity loans are pursued; when approved the merchandise or cash is quickly transferred to the identity thief
How can an institution protect itself and its customers from being victimized by identity theft? A comprehensive approach requires monitoring of multiple types of transactions, activity at the account level and activity at the customer level.
July August 2009 Volume 3 Number 2
Account level activity: Activities to be concerned with include change of ownership, new signers added, card orders, return mail and PIN changes. Customer level activity: Activities to be concerned with include address change, phone number change, death notification and customer age. Concerns identified at the customer level will likely require review across all accounts associated with the customer.
Conclusion Identity theft continues to increase each year. Financial institutions and account holders comprise 71 percent of all identity theft victimization. A comprehensive fraud solution and continued training of current and new identity fraud trends are required in the effort to protect institution and client assets.
Law enforcement, regulatory efforts and anti-money laundering (AML) programs in financial institutions have improved over the past years. These improvements, however, have been focusing mainly on transaction monitoring in the areas of retail and private banking. As a consequence other areas such as corporate fi nance, investment banking and credits are still vulnerable. It is common practice to define a strategy for commercial activities setting out the long-term objectives and determining how to achieve them. Over the past years, however, the AML approach has been rather reactive as a response to laws and regulations; it is still not that common to define an AML strategy. Criminal organizations can easily obtain knowledge about AML best practices and hence can use this knowledge effectively to improve their money laundering practices. These next-generation money launderers takes into account the transaction monitoring systems as well as publicly available indicators. As a result nowadays debts and credit instruments are moved from one company to another (preferably within tax optimization schemes), causing no or just one single unsuspicious transaction, bypassing all the existing transaction monitoring systems instead of various transfers of funds. Next-Generation Continued on Page 20
NetPractice Exchange Page 11
NetPractice Advisory Board Member In the Spotlight
Thomas J. Firnhaber recently joined the NetPractice Advisory Board. Tom is Director of Compliance of NetSpend Corporation in Austin, TX. Before joining NetSpend, he was Senior Regulatory Compliance Specialist at FinCEN and Enforcement Advisor at the Office of Technical Assistance of the U.S. Treasury.
Interview with Tom Firnhaber Mr. Firnhaber is responsible for the development and implementation of NetSpend’s compliance strategy and managing all aspects of the BSA/ AML compliance program. Additionally he manages enterprise wide compliance with state, federal and association regulations and requirements. He is also responsible for management of Risk and Compliance activities with NetSpend partners and distributors. Mr. Firnhaber has more than 20 years’ experience in banking and financial services. He joined NetSpend from the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), where he was senior regulatory compliance policy advisor, with responsibility for ensuring that the industries within the FinCEN’s jurisdiction, such as depository institutions and money services businesses, understand and comply with Bank Secrecy Act (BSA) and U.S. Patriot Act requirements. Fiserv: Please tell us what products and services NetSpend provides? Tom: We are the largest market distributor and processor of prepaid debit cards in the country.
NetPractice Exchange Page 12
Since NetSpend was founded, we’ve processed over $12 billion in gross debit volume, so that is money flowing through the cards. We have over 1 million active card holders. We have a distribution network where people can buy cards at about 60,000 locations, and then we have an additional 30,000 locations where people can load their cards and make deposits to their accounts. It provides folks that are typically under banked, under-served, an ability to have a simple way to get into the traditional financial systems, having electronic access to a bank account, having a savings account, and even free text messaging to help prevent folks from becoming a victim of identity theft. So if you spend something somewhere with our card, before you leave the store you can get a text message showing you the transaction you just completed. Our partners are mix of retailers and large grocery stores, where people can apply for a card account and add funds to their account. Fiserv: To what extend does monitoring customer or card behavior provide better detection of possible AML or fraud at NetSpend? Tom: Monitoring is one of the critical pillars of risk mitigation, along with knowing your customer and knowing your partner. It really helps us stay on top of everything. I get questions from regulators and law enforcement agents, saying you have over 90,000 locations, how do you mitigate risk? How can you prevent people from laundering money through your network, and what kind of oversight do you have? AML Manager from Fiserv helps us do that in a very cost-effective and efficient way. We look at those transactions at every one of those locations using the tool’s profiling capabilities. And it’s a really helpful tool
because it helps us to be able to stand in front of the regulators, saying, “We know what our customers are doing, we know what our distributors are doing.” And when we identify something unusual we have a process in place to address that, investigate that and file the appropriate report to the regulators. Fiserv: To what extent are you improving efficiency within your compliance department by leveraging workflow/case management and alert generation within AML Manager? Tom: It’s been a tremendous help. Prior to implementing AML Manager our processes were manual, spreadsheets, and such. It was very challenging when an auditor would come in and wanted to look at what we had done relative to monitoring, referrals sent to banks, etc. And having a single solution to be able to generate alerts, monitor that activity, along with case management with an audit trail makes life easier for both the auditor and our team. People don’t have think about the process but can focus on the analysis and working the cases as opposed to keeping track of everything in spreadsheets. So that efficiency is tremendous. As we have grown over the past years with 40 percent increase in transactions and number of card holders we’ve been able to maintain the same amount of resources because of the efficiencies from the tool. Fiserv: Can you tell us more about how you are using AML Manager in risk areas beyond money laundering, such as fraud prevention? Tom: I believe that AML and fraud are one and the same animal. We are looking at suspicious activity. The underlying activity can be generated by laundering, could be terrorist financing or fraud. So by having that focus and
July August 2009 Volume 3 Number 2
not limiting ourselves to assuming what the transaction might be before we investigate, I think helps us catch things that others might not. The tool is an excellent way to identify the activity and helps us determine what the underlying crime might be. Fiserv: How easy was it for you to use your existing investment in the AML solution from Fiserv and use it for fraud prevention? Tom: It was no extra effort at all. We look at unusual or suspicious activity. It is a matter of knowing our business, our customers, employees and such and looking at different transactions. We don’t necessarily know if its fraud or laundering when we first look at the transactions, we see something unusual. That is not normal for that customer, for that partner, for that employee. So it’s been very easy to take it and analyze the transactions, and now we have implemented a system that generates an alert based on velocity of all our transactions, so whether it’s cash deposits, person-to-person transfers, adjustments made by our customer service agents.
environment. We are basically the agents of the
been helpful in reducing the number of false
banks. We do risk mitigation and compliance
positives. It’s cost avoidance, and well worth the
and AML prevention, etc., on behalf of our
investment that we’ve made.
issuing banks. So they have outsourced it. But they are still on the hook for mistakes that we make or things that we fail to catch. I have the confidence that the tool allows us to catch things; they won’t fall through the cracks. I am able to fine-tune and tweak it in response to changing circumstances, customer activity, different markets we go into. We probably have four or five different channels, which have unique characteristics of customer activity, behavior and distributor behavior. So for example, we’re in a payroll lending channel, the activity there is much different than, let’s say, a retail channel or grocery store, where it is more transactional, less interaction with the customer and clerk, than when they go into a cash checking shop. What the product really allows me to do is not to depend on the distributor to mitigate the risk. This adds a comfort level that I don’t have to rely on someone else, in a location where I don’t have
It is a very valuable tool, and again because of the case management capability it allows us to have an internal monitoring process based on the workflow that comes out of there. And it’s been very helpful. We’ve gotten compliments from the auditors, who have been impressed by how we have taken a tool such as yours, which was conceived as a tool for use in a typical bank model and have adapted it for use in our distributed financial services model. Fiserv: Can you tell us how you reaped a good Return on Investment with the solution? Tom: One of the biggest benefits is the cost avoidance. We are in a heavily regulated
July August 2009 Volume 3 Number 2
the oversight. There are 90,000 locations, and there is a lot of turnover. If I had to rely on them to try to detect suspicious activity I don’t think we would be successful as we are and be able expand to so many locations. Because, again, I
Fiserv: Can you tell us how you managed to take advantage of the flexibility of the Fiserv AML Manager? Tom: At NetSpend, we have a lot of expertise, we have a lot of insight into what our customers do. Remember, we are also a processor for the issuing bank. We have business knowledge from all that data, and we can fine-tune and develop detection scenarios within the AML Manager tool that address our customers and the nature of their transactions very well. It helps us drill down in such a way that we can efficiently monitor and eliminate false positives. We have all the data that comes in, we can take that knowledge and tweak our controls and make them systemic and that way we don’t have rely on the potential for human error. It’s been a great tool. A cross-functional team made up of IT, analytics and investigators was able to create rules, finetune them and push the limit of what the tool was intended do, in a very good way. We were able to adapt the tool to our circumstances, which were unique compared to a lot of the traditional financial institutions, because we
have a very good comfort level and look at the
have such a large network of distributors, where
results of the analysis.
we acquire new customers, and places where people can reload their cards. And the tool
We’ve implemented Fiserv’s peer group analysis
gave us that flexibility to tailor to the different
module with our distributors, which has been
channels, if you will, different characteristics,
a fabulous tool. Using peer group analysis we
the different customer activity, and the purpose
have taken our 90,000 locations, broken up our
of the card, etc.
distributor network by channel, and then down to the ZIP code level within that channel. So it
The video of the interview, conducted on March
allows us to compare the activity of like things
17, 2009, in Hollywood, FL, can be downloaded
in like areas to look for anomalous activity. It’s
at http://www.netpractice.org/Netspend.aspx.
NetPractice Exchange Page 13
The Emergence of Financial Crime Management Technology As financial crime becomes a bigger issue, Richard McCarthy takes a look at where we are today, and predicts where we will be with the technology we use to fight financial crime.
Financial Crime Is Up Financial crime is rampant at the moment! The Madoff scandal where billions were lost through fraudulent Ponzi schemes, the fraud charges against the cricketing tycoon Allen Stanford by U.S. regulators, and the billions lost at Societe Generale through rogue trading — these are just some of the better known cases of financial crime, but there are many more. The Association for Financial Professionals (AFP) recently reported that payments fraud is rampant in U.S. organizations, with over 70 percent of U.S. firms victims of attempted or actual payments fraud in 2008. Figures in Europe look equally grim, with the U.K.’s fraud prevention service, Cifas, suggesting that the country saw a 16 percent increase in cases of fraud in 2008. This is likely to get worse before it improves. The current financial crisis and global recession is likely to exacerbate the situation, with the frequency of internal fraud almost certain, and security breaches and false accounting on the rise.
NetPractice Exchange Page 14
Whether we like it or not, we are short of the mark in trying to detect financial crime. As we learn more about how these fraud cases were carried out, it is becoming increasingly clear to the financial organizations, the regulators and the public that financial crime is becoming increasingly complex, often involving new types of criminals, new payment methods and new technology.
The Need to Reduce Costs
What Is Being Done About It
anti-money laundering divisions.
Fraud and money laundering are the two most common types of crime seen within the financial services sector. Financial crime and compliance requirements are very high on the board-level agenda, and approaches such as taking a risk-based approach to tackling fraud and money-laundering is helping. Even formerly silo-based pointsolution approaches to tackling fraud are beginning to change. While the norm is to have a multitude of anti-fraud and anti-money laundering systems in place, across many business units, a growing number are looking at financial crime management systems to help banks take a more panoramic approach to fighting fraud. Retail banks, in particular, are increasingly integrating their IT systems as separate divisions come together to take on financial crime.
The cost savings that can be achieved
Yet fighting financial crime comes at a cost, and it may not surprise some of us to learn that this is proving the catalyst to bring about the much needed change to fight crime. As banks look at ways to reduce operational costs, they are taking a further look at the well-known overlap and duplication of data, tasks and processes in their anti-fraud and
by centralizing anti-fraud and anti-crime efforts is big, as is the demand for the financial crime technology to support it. For this reason Chartis, an independent analyst firm, predicts the global market for financial crime risk management technology to grow to $3.75 billion by 2012 — a compound annual growth rate of 13.1 percent.
The Emergence of Financial Crime Technology Solutions Today, there are analyst reports from Datamonitor to Chartis comparing and looking at the financial crime technology vendors supporting this market. We are naturally pleased to see Fiserv included in all of these reports. Yet one should not expect banks to
July August 2009 Volume 3 Number 2
invest in totally new solutions. Instead, they are more likely to re-invest in what they have already. For financial institutions wanting an in-house solution, they will certainly be looking for a financial crime platform to glue the different applications and data sources together, but it will be a case of evolution rather than revolution. Step by step, they will first focus on what is the most easily attainable. If this is successful, they will then broaden to other areas. In one customer site, they are using the Case Management tool from Fiserv as the cement to audit and manage all cases together using two or more different alert generation tools from different vendors. Openness and
Featured Functionality: AML Manager ‘Add Risk View Condition’ In this section, we highlight a particular functionality of one of a Fraud and Compliance product from Fiserv, and explain how to use it. In AML Manager solution, version 4.1.3 Service Release 5, a new rule type has been introduced called ‘Add risk view condition.’ Rules of this type enable the possibility to segment alerts, for example, by business type. This will particularly benefit financial institutions that store the data of multiple business lines in a single database.
flexibility are the key here. They need to work with what they already have rather than start from scratch. As the resources get scarce and the technology more complex, the other alternative that banks are considering is to out-source the technology. Many banks do not want to outsource their AML or anti-fraud processes yet, but out-sourcing the technology and the support of it is a different matter. In either scenario, Fiserv is well placed. In addition to providing an enterprise financial crime solution focusing on AML, internal fraud, multi-channel fraud and check fraud, Fiserv has established a strong reputation as a major financial institution outsourcing solutions to financial firms, especially in the U.S.
My Prediction I recommend and predict that bestpractice financial crime management processes and technology will consolidate into a small number of keystone applications acting as one integrated platform. The technology platform will need to cover multiple types of crime and handle both realtime as well as batch-oriented data analysis needs. Expect predictive analytics to come to the forefront as the ability to fight financial crime proactively (rather than after the event) becomes increasingly possible. Ultimately, the financial crime platform will form part of an enterprise-risk management system providing a total risk management dashboard.
accounts, and for cash transactions over EUR/U.S. 5,000 in one day for private accounts. This requires two alert definitions, each with a different rule to select the account type. These can be rules of either the ‘Evaluate row by row’ type or the ‘Add risk view condition’ type.
not increase the number of rows to be scanned, there is a risk of false negatives. You could set the number of rows to be scanned for example to 50,000 and your alert definitions will work correctly. However, as to performance this is not very efficient.
Suppose you create rules of the ‘Evaluate row by row’ type for both alert definitions. All rows in the result set of the risk view will then be evaluated. However, because large cash transactions are much more common on business accounts than on private accounts, it is very well possible that, say, the first 1000 results in the risk view contain 990 business accounts, of which some will be alerted, and only 10 private accounts. Consequently, if you do
A better solution in a situation like this is to use a rule of the ‘Add risk view condition’ type. If you use a parameter for the account type, a single rule definition will suffice, but what is more important, you can keep the number of rows to be scanned much lower. When you use the rule in the alert definition for private accounts, the risk view will be executed with the added clause that selects only private accounts and all business accounts will be ignored.
A rule of type ‘Add risk view condition’ is used to specify further criteria for the risk view (detection scenario) underlying the alert definition. The conditions specified in the rule are added to the WHERE clause of the risk view statement before it is executed. Suppose that you want to use the Overview Cash risk view to generate alerts for cash transactions over EUR/U.S. 20,000 in one day for business
July August 2009 Volume 3 Number 2
Example of an alert rule of the type ‘Add risk view condition’
NetPractice Exchange Page 15
Cover Payment Messages in Cross Border Wire Transfers: Will Intermediary Banks Carry the Burden of Necessary AML Investments? Introduction In July 2008 the Basel Committee on Banking Supervision (BCBS) published a paper for consultation on transparency regarding cover payment messages related to cross-border wire transfers. Representative organizations within the banking industry have expressed their serious concerns on the proposed standards. In particular concerns have been expressed with regard to the supervisory expectations on the role of cover intermediary financial institutions in monitoring (“policing”) messages.
Money Laundering Risks with Cover Payments Cover payments are used by a bank to facilitate funds transfers on behalf of a customer (the originator) to a beneficiary in another country. When the originator’s and beneficiary’s banks are not having a relationship to settle with each other directly, the originator’s bank may instead directly instruct the beneficiary’s bank to effect the payment order, for example by means of a SWIFT MT103 message. On parallel the originator’s bank advises through a separate channel, for
NetPractice Exchange Page 16
example by means of a SWIFT MT202 message, the payment order to be “covered” as the interbank obligation to settle has been created by the instruction to effect the payment. Such a cover payment chain is used in correspondent and clearing operations. The settlement is often accomplished through the originator’s intermediary correspondent bank in the country for which the payment is the national currency. Advantages of this cover payment chain for banks are avoidance of delays associated with differences in time zones between the originating and the beneficiary banks and reducing the costs of commercial transactions. However messaging standards are lacking full transparency for intermediary banks on the payment orders they facilitate to be executed. Within a cover payment chain the cover intermediary banks do not necessarily see the information sent to the beneficiary bank. Information about the originating bank’s and the beneficiary bank’s customers is often not contained within messaging formats used to settle the interbank payment but the information is included within the instruction.
The risk is that such a cover payment chain could be chosen on purpose to conceal the names of parties to a transaction. For a cover intermediary bank the risk is not being compliant with watch list requirements on blocking, rejecting or freezing of assets of designated individuals or entities and a risk of having an ineffective suspicious activity monitoring process in place. By means of enhancing transparency in international wire transfers, banks will have greater insight into the parties within the international wire transfers and therefore better able to understand possible risks associated with the underlying transfers, helping them to ensure they are not engaged in transactions related to entities involved in criminal activity.
Transparency Standards and the Responsibility of Cover Intermediary Banks The Basel BCBS consultative document includes basic transparency standards: • Appropriate information should be included in payment messages as described in this document.
July August 2009 Volume 3 Number 2
Financial institutions should not omit, delete or alter information in payment messages, for the purpose of avoiding detection of that information by any other financial institution in the payment process. • Financial institutions should not use any particular payment message for the purpose of avoiding detection of information by any other financial institution in the payment process. • Subject to all applicable laws, financial institutions should cooperate as fully as practicable with other financial institutions in the payment process when requested to provide information about the parties involved. • Financial institutions should take into account in their correspondent bank relationship the transparency practices of their correspondents. This enhanced payment message format will include information about the parties involved in the underlying funds transfers that was included in the instructions sent to the beneficiaries’ banks. The roles and responsibilities of banks, and in particular of cover intermediary banks, are related to monitoring: • Whether the information is present in messages • For suspicious activities • Against lists of names • Of the correspondent relationship
Group and the Clearing House
Conclusion
(“the industry”) have expressed a number of serious concerns. They say that certain statements go far beyond the purpose of promotion of transparency in an as-simple-aspossible and straightforwardly feasible way. The industry also thinks that some monitoring requirements are considered not technically feasible and would seriously interfere with an efficient processing of international payments. Other concerns are the need for clarifying guidance on responsibilities for “monitoring against lists of names.” The explicit statement that such controls with regard to monitoring against lists of names “cannot be
Due diligence and increased transparency in cover payment messages related to cross-border wire transfers is without doubt an important initiative by the Basel Committee, as it will enhance future effectiveness of global money laundering controls. However, the industry’s reaction to the Committee’s consultative document is fierce. Some expectations are regarded unnecessary and may place an additional burden on the banking industry. The industry says in particular that it’s not the cover intermediary banks but rather originator banks that are in the best position in the cover payment chain to ensure compliance with the enhanced transparency requirements.
risk-based” goes against U.S. Federal Financial Institutions Examination Council (FFIEC) examination guidance on a risk-based Office of Foreign Assets Control (OFAC) compliance program.
The Basel Committee document’s period for comment ended September 2008. A final version of the document has not yet been issued.
Bank-to-Bank Funds Transfer Correspondent of Originator’s Bank
Fedwire, CHIPS or SWIFT Message
SWIFT MT202, proprietary system message (if affliliated), Telex, fax or other electronic means
Originator’s Bank
Correspondent of Beneficiary’s Bank
SWIFT MT910/MT950 or other message advising of credit transfer
SWIFT MT103, Telex, fax or other electronic means
Beneficiary’s Bank
Banking Industry Response Industry groups such as the American Bankers Association, The Wolfsberg
Originator
Beneficiary
Customer Payment Instructions
Sources • Wolfsberg WG-NYCH Statement on Payment Message Standards of April 19, 2007. http://www.wolfsberg-principles.com/pdf/WG-NYCH_Statement_on_Payment_Message_ Standards_April-19-2007.pdf • ABA Comment Letter of September 15, 2008. http://www.aba.com/NR/rdonlyres/DC65CE12-B1C7-11D4-AB4A-00508B95258D/55409/BaselLtr_15Sept08.pdf • Joint Clearing House, Wolfsberg Group comment letter of September 12, 2008. http://www.theclearinghouse.org/reference/comment_letters/2008cl/035225.pdf
July August 2009 Volume 3 Number 2
NetPractice Exchange Page 17
Hot Docs and Downloads
Fiserv White Paper “Financial Crime Outlook 2009” and OnDemand Video “How to Efficiently Manage Money Laundering Risk with Slashed Budgets” In February Fiserv issued its white paper called “Financial Crime Outlook 2009: What to Expect in a New Political Season with a Financial Sector in Crisis, an Economy in Recession and a Regulatory System in Need for Reform.” With a new administration, a recession and financial sector in crisis, there are many questions regarding compliance priorities. Will there be a regulatory agency reform and if so, what does that mean? Should anti-money laundering and fraud prevention efforts take a back seat to handling the credit crisis? How can financial institutions be more effective in mitigating the risk with reduced compliance budgets?
in calendar year 2008. The 2009 INCSR identified money laundering priority jurisdictions and countries using a classification system that consists of three different categories: • Jurisdictions of Primary Concern (listed 60 jurisdictions) • Jurisdictions of Concern (listed 68) • Other Jurisdictions Monitored (listed 77)
2009 INCSR Report http://www.state.gov/p/inl/rls/ nrcrpt/2009/vol2/index.htm
jurisdictions of primary concern are those countries whose financial institutions engage in currency transactions involving significant amounts of proceeds from international narcotics trafficking and serious crime. It is not based on an assessment of the country or jurisdiction’s legal framework to combat money laundering, its role in the terrorist financing problem or international fight against money laundering, including terrorist financing. Therefore, the list of 60 countries of primary money laundering concern contains for example 17 countries located within the European region. New countries moving to this category of primary concern, previously
The 2009 International Narcotics Control Strategy Report (INCSR) was released on February 27, 2009. This report is an annual report by the U.S. Department of State. It describes the efforts of key countries to attack all aspects of the international drug trade
NetPractice Exchange Page 18
An Evaluation of Suspicious Activity Reports Filed By Money Services Businesses, Securities and Futures Firms, Insurance Companies and Casinos http://www.fincen.gov:80/news_room/ nr/html/20090316.html http://www.fincen.gov/news_room/rp/ files/mortgage_fraud.pdf
Within the 2009 INCSR report
the degree of its cooperation in the This 19-page white paper addresses these issues. The free white paper and on-demand video can be downloaded at www.netpractice.fiserv.com.
Mortgage Loan Fraud Connections with Other Financial Crime
identified as jurisdictions of concern, are Bolivia, Guinea-Bissau and Zimbabwe. Changes with regard to a jurisdiction’s designation in level of concern may cause financial institutions to adjust transaction monitoring risk configuration parameters.
This FinCEN March 2009 study examines the activities of a group of individuals and organizations reported in depository institution SARs (SARDIs) for suspected mortgage loan fraud (“MLF subjects”) and identifies patterns of activities associated with these MLF subjects by evaluating three other types of SARs: • Those filed by money services businesses (SAR-MSBs) • Securities brokers, securities dealers, or insurance companies (SAR-SFs) • Casinos or card clubs (SAR-Cs) The purpose of this study is to better understand the relationship between mortgage loan fraud and other financial crime and to identify ways in which financial crime extends through multiple financial industries. For depository institutions like credit unions, this report provides further context in the experiences across the financial industry as a whole. This most recent report aims to provide
July August 2009 Volume 3 Number 2
new insights as to how a variety of businesses besides lending institutions can play a role in the discovery of potential fraud.
FinCEN Report on Impact of Rule that Required EDD of Accounts of Certain Foreign Banks http://www.fincen.gov/news_room/rp/ files/Special_Due_Diligence_Program.pdf This March 2009 report looks at the impact of final rules concerning Special Due Diligence Programs for Certain Foreign Accounts, which implement Section 312 of Title III of the U.S. Patriot Act. On August 9, 2007, FinCEN issued a Final Rule (2007 Rule) implementing
Financial Crime News from Around the World
the enhanced due diligence (EDD) provisions of Section 312, requiring that covered financial institutions apply riskbased procedures to the accounts of three categories of foreign banks. The 2007 Rule supplemented the Special Due Diligence Final Rule published on January 4, 2006 (2006 Rule), which implemented due diligence requirements for correspondent accounts for foreign financial institutions. This analysis sought to provide an initial indication as to whether the Special Due Diligence provisions adopted through the 2006 and 2007 Rules appear to be achieving their intended results. The conclusions are that the Special Due Diligence requirements of the 2006 and 2007 Rules (with respect to EDD)
U.S. FinCEN Proposes Rule and Guidance on Sharing Internally SAR-Related Information http://www.fincen.gov/news_room/nr/ html/20090303.html On March 3, 2009, the U.S. Financial Crimes Enforcement Network (FinCEN) submitted a proposal to permit certain financial institutions to share SARs (Suspicious Activity Reports) within a corporate organizational structure. The proposal contains revised rules and a new guidance that will ensure appropriate sharing of critical information while safeguarding confidentiality of an institution’s sensitive information.
appear as a general matter to have been understood by covered financial institutions, and initial indications showed financial institutions generally implementing them as intended. The information received from industry, regulators and SAR filings is consistent with expectations for a risk-based approach to BSA compliance.
July August 2009 Volume 3 Number 2
SAR sharing of information helps financial institutions to assess risks based on information with regard to suspicious transactions taking place through other affiliates or lines of business within its corporate organizational structures. It also eliminates the current need for
an institution to create a separate summary document, crafted carefully within for example a line of business to avoid revealing the existence of a SAR itself and therefore making it easier to exchange critical but sensitive information between separate corporate organizational structures. The comment period on the notice of proposed rulemaking and of the proposed guidance is until June 8, 2009.
U.K. FSA 2008 Financial Crime Stakeholder Research http://www.fsa.gov.uk/pubs/other/ perceptions.pdf The U.K. Financial Services Authority (FSA) released in January 2009 a follow-up survey to assess its views on financial crime, current policy and practice, and the effectiveness of the FSA in meeting its statutory objective. This research focused on the financial crime components money laundering and fraud. A selection of main findings:
NetPractice Exchange Page 19
• Many large and small firms believe that financial crime is increasing. Likewise, the tackling of financial crime is increasing in priority at all firms, but particularly large firms. • The majority of large firms, particularly retail, have made significant changes to financial crime processes and are investing in resources to facilitate this. This is reflected in the increased priority given to financial crime issues by their senior management. • In terms of specific aspects of financial crime, dealing with data security and ID theft is increasing in priority across all firm types. • As regards the consequences of financial crime, financial loss to clients was the most common concern for firms. Firms continue to view financial loss to their clients as a greater concern than financial loss to themselves.
GRECO General Activity 2008 Report http://www.coe.int/t/dghl/monitoring/ greco/documents/2009/Greco(2009)1_ ActRep2008_EN.pdf The Group of States against Corruption (GRECO) published on March 26, 2009, its 9th General Activity Report (2008). The report contains a featured article on the independent monitoring of party funding. The article focuses on the role of supervisory bodies in identifying, monitoring and addressing corruption in political financing and stresses that many states lack effective monitoring and enforcement mechanisms. The relationship between political financing and corruption has been a long-standing area of concern for countries around the world. GRECO was established in 1999 by the Council of Europe to monitor States’ compliance with the organization’s
NetPractice Exchange Page 20
anti-corruption standards. The scope of GRECO’s membership stands at 45 European States and the United States of America.
G-20 and OECD Crackdown on Tax Havens http://www.oecd.org/ dataoecd/38/14/42497950.pdf World leaders at the April G-20 summit in London agreed to take action against non-cooperative jurisdictions, including tax havens. “We stand ready to deploy sanctions to protect our public finances and financial systems. The era of banking secrecy is over,” the G-20 communique said. On that same note, on April 2, the Organisation for Economic Cooperation and Development (OECD) put several countries including Costa Rica, Malaysia and the Philippines on its blacklist of non-cooperative tax havens. A “grey list”’ of countries that have agreed to improve transparency standards but have not yet substantially implemented the necessary international agreements included Austria, Bahamas, Cayman Islands, Luxembourg, Liechtenstein, Monaco, Singapore and Switzerland. According to international press reports, Luxembourg Prime Minister Jean-Claude Juncker asked leaders of other EU member states to challenge the United States for tolerating its own tax havens of Delaware, Nevada and Wyoming. Those states are popular locations for incorporating businesses, in large part because of their tax advantages. The U.S. Virgin Islands are also known for their tax benefits. There have been growing concerns that so-called tax havens have substantially contributed to the global economic crisis that is still unraveling.
Next-Generation Continued from Page 11
The only trace of these movements is formed by the various (loan) contracts transferring or setting off debts and credit instruments between shell companies. In order to address future money laundering attempts we need strategic thinking, including the identification of future laundering threats and planning of the related mitigation activities. Knowledge sharing between financial services industry, regulators, law enforcement and tool vendors is needed as well. Changes in the current AML profession and AML programs in financial institutions are required, too. AML procedures should be implemented as well for those activities not directly executed by retail or private banking. Knowledge about corporate structures for tax optimization and the ability to understand complex, legal contracts is key and must be developed. Change of concept from “AML officer” to a multidisciplinary “AML team” is a realistic and unavoidable scenario in this regard. The required multidisciplinary approach of next-generation AML should be embedded in the educational programs for the next-generation AML professionals. The Master Class AML, a cooperation between Association of Certified Anti-Money Laundering Specialists (ACAMS) and the University of Maastricht Business School (UMBS) in the Netherlands, is one of the initiatives to respond to the evolution in AML education needs. A multidisciplinary approach, applying academic principles and engaging lecturers with proven track records in their field of expertise are the core elements of this Master Class in preparing participants for their Certified Anti-Money Laundering Specialist (CAMS) certification exam. For more information, please visit: http://www.fdewb.unimaas.nl/UMBS/aml/
July August 2009 Volume 3 Number 2
NetPractice Exchange This magazine is published three times per year and is a publication by Fiserv for NetPractice members and others interested in NetPractice or Fraud and Compliance Solutions.
10 Reasons to Join NetPractice: A chance to interact with other AML and fraud detection experts
NetPractice Advisory Board Florisela Bentoera, CAMS, Manager Compliance and AML Operations, RBTT Dutch Caribbean, Curacao, Netherlands Antilles
1.
Tom Firnhaber, Director of Compliance, NetSpend, Austin, TX, USA
Not a NetPractice member yet? NetPractice is an online Fraud and Compliance Solutions user community that develops, delivers and supports innovative services and resources that helps its members improve the way they control the risks associated with financial crime management and compliance initiatives. To become a member, please visit www.netpractice.fiserv.com.
Deborah King, CAMS, VP Director AML Investigations, Citizens Financial Group, Medfort, MA, USA Saskia Rietbroek, CAMS, Financial Crime Advisor, Fiserv Fraud and Compliance, Miami, FL, USA (Chair) Cindy Shelton Ryan, CAMS, Compliance Officer, Bank-Fund Staff Federal Credit Union, Washington D.C., USA Aleksejs Truhans, IT Development, Parex Banka, Latvia
Poll Question and Results How frequently do you update country risk profiles for purposes of monitoring for suspicious activity? Once per month ......24% Once per quarter .....44% Once per year ..........32%
32%
24%
Once per month
Once per year
Fiserv is a registered trademark. Other products referenced in this material may be trademarks or registered trademarks of their respective companies. © 2009 Fiserv, Inc. or its affiliates.
NetPractice Exchange Page i
3. 4.
5.
6.
7.
8.
Get immediate online access to dedicated tools and resources to enhance performance, streamline processes and reduce costs Enhance your anti-money laundering and fraud investigation skills so you can take yourself to a new professional level Get continuous access to an international network of other users of our solutions to ensure up-to-date knowledge and expertise in using monitoring techniques Receive insight into the latest anti-money laundering and anti-fraud initiatives
9.
Get involved! NetPractice is a rewarding way for you to share your expertise while meeting new people and making new contacts around the world 10. Get ACAMS continuing education credits for selected NetPractice webinars
Event
Location/Website
Date
Fiserv Fraud and Compliance Webinar: “How to Efficiency Manage Money Laundering Risk with Slashed Budgets”
www.netpractice.fiserv.com
June 3, 2009
American Bankers Association Regulatory Compliance Conference
Orlando, Florida www.aba.com/Events/RCC.htm
June 7 – 10, 2009
Fiserv Fraud and Compliance Client Conference 2009
Amsterdam, The Netherlands www.netpractice.fiserv.com/user_ group_event_2009.aspx
June 10 – 11, 2009
7th Annual Money Laundering and Financial Crime Conference
London, United Kingdom www.cityandfinancial.com
July 5, 2009
20th Annual ACFE Fraud Conference
Las Vegas, Nevada www.fraudconference.com
July 12 – 17, 2009
Fiserv Fraud and Compliance Webinar: “ATM and ACH Fraud”
www.netpractice.fiserv.com
July 30, 2009
8th Annual International ACAMS Conference
Las Vegas, Nevada www.acams.org
September 30 – October 2, 2009
AFP National Convention
San Francisco, California www.afponline.org
October 4 – 7, 2009
American Bankers Association Money Laundering Enforcement Conference
Washington, D.C. www.aba.com/Events/MLE.htm
October 11 – 13, 2009
Once per quarter
Marketing Coordinator: Roos Goosen This newsletter is for general information purposes only. The views expressed in this newsletter are not necessarily those of Fiserv, Inc. Fiserv has taken all reasonable measures to ensure that the material contained in this newsletter is correct. However, Fiserv offers no warranty and accepts no responsibility for the accuracy or the completeness of the material. In publishing this newsletter, neither the authors nor Fiserv are engaged in rendering legal or other professional advice.
2.
Online member community of thousands of peers using Fiserv Fraud and Compliance solutions for fast real-world problemsolving and idea sharing Watch online videos with step-by-step instructions about how to best use our solutions Receive monthly training on solutions, compliance strategies and financial crime Receive NetPractice Exchange: a print newsletter with thought leadership articles, news and best-practice techniques for improved risk detection and management
Calendar of Events
44% NetPractice Staff Director: Stanley Harmsen van der Vliet, CAMS
NetPractice is a highly specialized service that focuses on the specific needs of one niche group: financial crime professionals who work with Fraud and Compliance Solutions technology from Fiserv. NetPractice’s value and advantage lie in its focused best-practice information, its dedicated services and its commitment to enriching the professional lives of its members. NetPractice combines our technology with the human element, an online user community to enrich the professional development, learning, connectivity and the professional lives of the members through the sharing of knowledge.
NetPractice United States of America 255 Fiserv Drive Brookfield, WI 53045 Phone: +1 262-879-5000 Toll Free: +1 800-872-7882 Fax: +1 262-879-5013
Our next poll question is:
Europe Loire 200-202 2491 AM, The Hague The Netherlands Tel: +31 70 452 5448 Fax: +31 70 452 5444
Cast your vote at: www.netpractice.fiserv.com.
With what percentage has your financial institution’s AML/fraud detection budget been cut because of the recession?
netpractice@fiserv.com www.netpractice.fiserv.com
July August 2009 Volume 3 Number 2
July August 2009 Volume 3 Number 2
NetPractice Exchange Page 21
NetPractice Exchange Fraud and Compliance Best Practice Community from Fiserv
Fiserv, Inc. 255 Fiserv Drive Brookfield, WI 53045
+1 800-872-7882 +1 262-879-5013 getsolutions@fiserv.com www.fiserv.com
Fiserv is a registered trademark. Other products referenced in this material may be trademarks or registered trademarks of their respective companies. © 2009 Fiserv, Inc. or its affiliates. 1-73-9-MS FIS Fraud & Compliance July/August 2009 NetPractice.
+31 70 452 5448 netpractice@fiserv.com www.netpractice.fiserv.com.
July August 2009 Volume 3 Number 2
The Next Wave of Check Fraud: Are You READY? Page 4
Cover Payment Messages in Cross Border Wire Transfers Will Intermediary Banks Carry the Burden of Necessary AML Investments? Page 16