By Gary Allemann, managing director Master Data Management
SOUTH Africa is the only permanent African member of the Financial Action Task Force (FATF), the global anti-money laundering watchdog. This is why it came as a shock to hear that the country is close to being grey-listed following concerns raised by the global body.
Basically, FATF membership helps to streamline the movement of money across borders by guaranteeing that the parties involved in a transaction are above board. In South Africa, for example, most of us will be familiar with the Financial Intelligence Centre Act (FICA) – the regulations requiring banks and other parties to confirm an entity’s identification and physical address.
This information is then used to ensure that the person (or company) is legitimate (by comparing to international sanctions lists) and to build a risk profile that can flag suspicious transactions – for example, if an amount of money is being moved for a purpose that is not in line with the company’s historical business.
Initially targeting banks, FICA has expanded to affect various sectors where assets change hands, such as insurance, real estate and law, meaning that the Financial Intelligence Centre is able to build a more complete picture of each individual transacting in the country.
Systemic issues
Recently, the South African government announced a draft of amendments and additions to key Anti-Money Laundering (AML) laws, including the above-mentioned FICA, to address systemic issues – the culture of state capture and corruption – that have been raised as concerns by FATF. We have also tabled a new bill.
In most cases, these changes seek to make it more difficult for individuals to hide their identity behind complex structures and are certainly a step in the right direction. Yet, correctly identifying individuals at account creation is only part of the problem.
Dealing with data uncertainty
Earlier this year, A-team Insights hosted a roundtable discussion exploring the topic of adding value and improving efficiency in sanctions screening. The roundtable left participants with two key takeaways:
- Sanctions screening is becoming more complex
- Data transparency is essential
To guarantee sanction screening, financial institutions must have access to two rapidly changing sets of reference data. The first is an explicit list of individuals and entities that are directly sanctioned. The second, more complex list, is the set of entities with implicit sanctions. Typically, this means entities that have a majority shareholding from sanctioned individuals.
Screening tools compare internal customer lists to the above-mentioned reference lists. But these tools can only be as effective as the data passed to them. Maintaining the integrity of internal AML data is, of course, a step in the right direction, particularly for dealing with explicitly sanctioned individuals.
Implicitly sanctioned entities are harder to identify. While the regulatory changes mentioned aim to make it more difficult to hide ownership structures, investments in new technologies such as graph MDM are required to uncover hidden relationships between entities.
Dealing with transactions
Another huge data challenge is that of identifying sanctioned activities at the transactional level. Millions of cross-border transactions take place per day – via SWIFT, PayPal, and various mobile payment mechanisms. In each case, the transaction should record a sending and receiving party, the purpose for which the funds are being transferred, and the amount.
Financial institutions may have an accurate record for the sending party (their customer) but must now accurately identify and verify the receiving party – i.e. run them through sanctions screening – and must identify the transaction amount and purpose to flag suspicious transactions.
The sheer volume of transactions presents the first challenge – for large organisations, these can run into millions of transactions a day.
Data integrity is the second challenge. Transactions with fraudulent intent will typically make an effort to hide the identity of the receiving party – for example, by excluding some details or by misspelling a name. These minor variations make it hard to accurately identify sanctioned individuals.
One international banking group turned to big data technologies to address two key AML challenges:
- Identifying money moving silently between joint account holders
- Managing exploits related to poorly formatted SWIFT messages.
The bank uses Trillium for Big Data to prepare and validate SWIFT messages – ensuring that each record is broken into its key elements, which are each standardised and validated. Each transaction is then checked against external reference sources such as international anti-terrorism lists. By enhancing their big data platform with in-built data quality, the bank is now able to process and validate hundreds of millions of transactions daily, significantly reducing their AML risk.
Take action to avoid grey-listing
As a country, we need to take urgent action to avoid FATF grey-listing. The government certainly is part of the problem, but at least appears to be taking concrete steps to address concerns. Corporate South Africa must also show intent by investing in the data management infrastructure necessary to ensure compliance