commercial banking kyc, trade-based money-laundering, sanctions & fraud controls
TRANSCRIPT
January 2016
Lead consultant contact:+65 8138 7340
Integrated Key Risk Controls, Reporting & AutomationSample(s) for this presentation:CB-XBO.01 Commercial Banking KYC, Fraud Mitigation & AML Monitoring (incl. Sanctions)
Who We Are
DigiScape provides bespoke multi-level risk management solutions arm for the financial services industry. TEMASWISS is, since August 2015,
the bespoke consulting and training arm of DigiScape.
Temaswiss’ consulting, training and analytics arms is at its core, a think-tank of veteran bankers, risk managers and financial crime risk specialists with a combined experience exceeding seventy years.
In its consulting value proposition, it focuses solely on expertise in Operational Risks, Regulatory Compliance, Sales Governance, AML & Transactions Monitoring and Conduct Risks for Commercial and Private Banking.
Unparalleled point-in-time insights from C-level Legal, Compliance and Operational Risk banking industry practitioners, MAS Singapore and other ASEAN & South Asian Regulators on: audit results, regulatory guidance, practical implementation challenges.
Each of our holistic engagements are led, throughout its life-cycle, by a senior consultant with detailed expertise and hands-on experience on banking processes, regulatory requirements, industry best practices and pragmatic solutions for specifically the risks to be mitigated and processes to be revamped.
Quality being foremost, we operate by engaging the regionally best-in-class expertise from a large pool of outreach specialist consultants and we have no more than 3 major engagements underway at any given time.
Focus is upon process advisory and mapping between the strategic initiatives and comprehensive integrated risk-mitigation programmes of banks and the service provision of solution providers.
As a sit-beside organization, we provide un-conflicted support to our financial services client to vet and to select controls automation, interface, data tool and technology provider that best fulfills the requirements.
Unique Insights - Cumulative Learning To Your Benefit
Root cause analysis of fraud incident was incomplete and detection scenarios were not adapted accordingly.
AML and Fraud detections scenarios are standardized and not satisfactorily tweaked in variation to relevant banking segments,products and geographic variations.
Excessive redundant data and alerts are being produced from the transactions monitoring systems due to inadequate fine-tuning of alerts generated.
Relationship bankers and/or middle-office and/or transactions monitoring staff are inadequately trained on the latest trends.
The regulatory reporting does not capture the data for XX products and/or XX transactions that do not follow the usual channels.
Due to the grandfathering of pre-existing customer KYC data, the detection scenarios for AML/ fraud are no longer effective.
Due to process inadequacies the alerts were not timely escalated to AML/ Regulatory Compliance.
Although Politically Exposed Persons were detected in the ownership structure, the accounts were not subjected to Enhanced Due-Diligence.
Range of Regulator’s Long-Form Audit & External Audit Issues Raised
Common Pitfalls (What Do We Help You Avoid)
Excessive “False-Hits” due to Inadequate Rules Engine
Customisation
The bank data realities do not
match tool capabilities
Literal ‘reading’ of Regulatory
expectations without Risk Mitigation
Focus
Cost & Effort exceeds budget and the Bank’s risk appetite
“Off-the-Shelf” solutions that are
NOT optimal
Inadequate 3P(Process, People,
Procedures) Parametrisation
Support
End-to-End Engagement and Beyond
Present-StateEvaluation & Concurrence on Risk Mitigations
Advisory & Consultation on:
Gaps, Risks, Best-practice controls,
Control functional alignment and
process placement
Enhancements:Immediate or Interim
Manual Controls, Implementation of
controls, operating manuals, Reporting,Training & MI.
Strategic Engagement:Controls SMARTS
assessment, automationSWOT analysis, stake-
holders engagement,project management
infrastructure, RFQ
Off-The-Shelf*:Research and
proposition of Best-suited
solution andprovider
White-Labelled*:Alignment of
additional requirements,
interface processdesign
Greenfield Development*:
Identification &Evaluation of Data
sources & inter-facing required,
Ops processes
End-to-End ProgrammeManagement:
- Data current-stateEvaluation.
- Tool development(only for greenfield)- Project resources
- Vendor management- Project Business Info
Security & Tech Info Security competencies
- Dashboards, MI & Stakeholders reporting
- operational process alignment
- UAT design andconduct
-assurance design
Fine Tuning:- Multi-months
Helpdesk services- UAT residual remediation
- Source-code and knowledge securing-Audit preparedness
Training:- Training material
- Primary Users - Assurance Users
- MI & Dashboardsdesign & production
-Lag avoidance measures
Maintenance:- System Patch Alerts
- Regulatory & Industry Best Practices Advisory
- Periodic Enhancements- Periodic Data quality
and effectiveness assurance reviews
End-to-end process audit by us, Controls function corroborative engagement or desktop review. Or combinations thereof.
Holistic reporting encompassing review of established controls and reliability of situational and contextual risk mitigants. Disclosure of fragmented, missing or ineffective controls, regulatory point-in-time expectations, peer audit results, industry best practices. Complete with advisory on proposed baseline controls.
Stakeholder engagement, proposal, buy-in and implementation of where either existing controls could be enhanced or immediate/ interim control placed at low effort and costs to materially mitigate risks or audit adverse results. Aligned to management risk appetite and acceptance.
ASSESSMENT LOW –HANGING FRUITS STRATEGY FORMULATION SUSTAINABLE DEVELOPMENTS
* Technology vendor proposal always at arms-length versus vendor.
! Express Compliance to
new entrant / new jurisdiction / enhanced regulations. e.g. MAS 626
Other Key Risk Controls Integration & Automations Available Currently
CB-XBO.01 Commercial Banking KYC, Fraud Mitigation & AML Monitoring
PB-XBO.02 Cross-Border High Value Lending & Assets Securing (PB bespoke transactions)
CB-TGC.001 Commercial Banking Treasury Team Sales Governance (including MAS Compliance)
PB-ENC.002 Private Banking Ethics & Conduct Risk Controls (In-business & Neutral Assurance)
CB-ENC.001 Commercial Banking Ethics & Conduct Risks Controls (incl. Control Room Assurance and MSI Unit Communications Monitoring)
OP-INS.002 Operational Risk Incident Management, Escalation, Investigations, Reputational Risk Containment Measures
PB-KYC.001 Private Banking Client On-Boarding, Periodic Reviews, Trigger Events – Building CDD Team, Controls & Processes
PB-AML.004 Private Banking AML Transactions Monitoring – Rules Engine & Trigger Events Build
CB-KYC.001 Commercial Banking Client On-Boarding, On-Boarding, Periodic Reviews, Trigger Events – Building CDD Team, Controls & Processes
CB-AML.002 Commercial Banking AML Transactions Monitoring – Rules Engine & Trigger Events Build
PB-SGO.001 Private Banking Customer Suitability and Sales Governance Controls
CB-SGO.001 Commercial Banking Sales Governance Controls
CB-AML.003 Commercial Banking – Cross-Border Trade-Based AML Controls
PB/CB-SGO.005 Private or Commercial Banking – Banc assurance & Insurance-Wrapped Product Sales Controls
PB-SGO.006 Private Banking TCF & RM Balanced Scorecard Design & Controls
CB-SGO.006 Commercial Banking TCF & RM Balanced Scorecard Design & Controls
CB-GSC.001 Commercial Banking – Vendor Management, Outsourcing, Offshoring & Right-shoring Controls