20170817 fico - the evolution of regulatory compliance ... · fico aml advanced analytics feature...
TRANSCRIPT
© 2017 Fair Isaac Corporation. Confidential. This presentation is provided for the recipient only and cannot be reproduced or shared without Fair Isaac Corporation’s express consent.
18th Annual Conference Compliance Institute SA –Shaping the Future of Compliance in Africa17th August 2017
The Evolution of Regulatory Compliance into the use of Analytics
Jürgen KriegDirector Solution Sales - FICO TONBELLER
© 2017 Fair Isaac Corporation. Confidential. 2
Jürgen Krieg
• Savings Bank Ulm, Germany
• MBA, Henley Business School
• 12 years selling Core Banking Systems
• 4 years selling regulatory Compliance at FICO TONBELLER, Heading the EMEA sales team
• Living in Mannheim, Germany
© 2017 Fair Isaac Corporation. Confidential. 3
Closed Loop: The GRC Framework for Regulatory Compliance
GOVERNANCE
Tone of the Top
Company Strategy(geographic markets & customer groups,
products & services, sales channels)
Risk Assessmentdescribes and assesses risks
- abstract- categorized
- model based
Compliance ResearchImplementation of the risk in scenarios
- precise- individual / person - related
- data - based
Sing
le C
ases
-Es
cala
tion
Upd
ate
Ris
k As
sess
men
t
RISK
COMPLIANCE
Code of conduct
Ris
k &
Com
plia
nce
Coc
kpit
Risk Appetite
Implementation
© 2017 Fair Isaac Corporation. Confidential. 4
AML Analytics Maturity Model
Level 1Rules and basic analytics
• Rules-only KYC customer decisioning and transactional monitoring• Basic analytics capabilities• Investigate alerts
Level 2Enhanced AnalyticPrioritization
• Prioritize alerts based on analytic model scores• Challenge KYC-based segmentation with transaction-based
behavior analytics• Still rules-first approach
Level 3Analytics Scores-first
• Scores first, rules second. • Analytic model drives case-working• Reduced set of rules• Real-time blocking of highest risk transactions
Level 4Adaptive models
• Analytic models with adaptive feedback • Recent SARs influence scores• Advanced investigation based on customer transaction similarity• Rules to respond to regulatory typologies
© 2017 Fair Isaac Corporation. Confidential. 5
Key Challenges of Customers
1. Cost pressure (TCO)2. Efficiency of processes3. Volatility of regulatory requirements4. Increasing data volume5. Unknown risks and scenarios6. Uncertainty of legal risk7. Legal pluralism (regulatory compliance, data protection, different jurisdictions etc)8. Heterogenous IT-environments and data9. Convergence of different compliance disciplines10.Big Data (structured, unstructured, SNA)11.New technologies (Analytics, AI/ML, SNA, text analysis)12.Simulation of decisions, optimization of scenarios13.Shorter reaction times / real-time14.Data quality15.Risk Assessment (completeness, context, adaptation)16.Heterogeneous reporting requirements
© 2017 Fair Isaac Corporation. Confidential. 6
How Analytics Can Support in the Various Steps of the Compliance Process
Risk Assessment Customer Acceptance
Generation of Alerts Investigation
1. Risk prognosis for new customers based on models build from historic data
2. Identification of relevant attributes with strong relevance for prognosis
1. Identification, quantification and modelling of risks
2. Continuous monitoringof risk landscape (in real-time)
3. Development of best practices (consortiummodel)
1. Identification of behavioural changes and outliers (soft clustering misalignment)
2. Learning from true positives (filed SAR) and false positives (Aml threat score)
3. Alert on suspicious relations/networks from SNA
1. Priorisation of alerts using analytics (SCM)
2. Identification of similar cases and proposal of workflows
3. Provision of additional data to support investigation
4. Automatic execution of notebooks (prepare data and workflows)
5. Social Network Analysis to support investigation
6. Automated closing of low priority alerts
7. Special investigations based on FIU requests (SNA)
© 2017 Fair Isaac Corporation. Confidential. 7
Overview of the systemSiron®Anti-Financial Crime Solutions
© 2017 Fair Isaac Corporation. Confidential. 8
Siron®Anti-Financial Crime solutions providing an End-to-End KYC approach
Business and Organization
Know your CustomerCustomer Acceptance
Ongoing Due Diligence
Security and Technology Usage
Statistics and lessons
learned
Enhanced CDD Simplified CDD
3rd PartyDatabase Provider
PEP
WL / sanctions…
Beneficial Owners
ICIJ Offshore Leaks Date Base (incl. Panama Papers) Risk and
Compliance CockpitCase Management and Regulatory Filing
Compliance Requirements40/9 FATF recommendations, 4th EU ML directive, BSA, Sarbanes Oxley Act, …
Training and Awareness program
,independent audit
Man
agem
ent C
omm
itmen
t Processes Initiatives Policies …
Anti-FraudCounter-Terrorism FinancingAML
Business Risk Assessment
FATCAand AEOI (CRS)
Reporting
© 2017 Fair Isaac Corporation. Confidential. 9
Sanctionswatch lists
(EU, OFAC, UN)Bad
pressBeneficial
ownerOffshore Leaks Database (incl. Panama Papers)
PEP screeningvia 3rd party
data
Counter Terrorism Financing
?
3rd Party Applications and Data
Risk Rating(can be defined
individually)
Flexible,Dynamic KYCQuestionnaires
Not acceptable
High
Medium
Low
CustomerAcceptance
ContinuousInvestigation
(ML)Every 5th Year*
Every 2nd Year*
Every Year*
CustomerAccepted
* Numbers can differ by country/region
ContinuousScreening
(Fraud)
Use Case of KYC lifecycle approach – integrated 3600 view of client risk
KYC
EMB
AML
FALCONReview:
© 2017 Fair Isaac Corporation. Confidential. 10
CustomerAccepted
Sanctionswatch lists
(EU, OFAC, UN)Bad
pressOffshore Leaks Database (incl. Panama Papers)
PEP screeningvia 3rd party
data
3rd Party Applications and Data
Beneficialowner ID Verification
Counter Terrorism Financing
?
Risk Rating(can be defined
individually)
Flexible,Dynamic KYCQuestionnaires
(Siron®KYC)
Not acceptable
High
Medium
Low
CustomerAcceptance Continuous
InvestigationEvery 5th Year*
Every 2nd Year*
Every Year*
* Numbers can differ by country/region
ContinuousScreening
Siron®KYC – 1st Step: Initial Risk Rating
KYC
EMB
AML
FALCONReview:
No matchesNo matches
Initial profile = low risk
Initial profile = low risk
New customer to answer
questionnaire
New customer to answer
questionnaireLow risk
indicatorsonly
Low risk indicators
only
”Low risk“ set of scenarios will
be used
”Low risk“ set of scenarios will
be used
© 2017 Fair Isaac Corporation. Confidential. 11
CustomerAccepted
Sanctionswatch lists
(EU, OFAC, UN)Bad
pressOffshore Leaks Database (incl. Panama Papers)
PEP screeningvia 3rd party
data
3rd Party Applications and Data
Beneficialowner ID Verification
Counter Terrorism Financing
?
Risk Rating(can be defined
individually)
Flexible,Dynamic KYCQuestionnaires
(Siron®KYC)
Not acceptable
High
Medium
Low
CustomerAcceptance Continuous
InvestigationEvery 5th Year*
Every 2nd Year*
Every Year*
* Numbers can differ by country/region
ContinuousScreening
Siron®KYC – 2nd Step: Ongoing Behavior
KYC
EMB
AML
FALCONReview:
New risk category =medium risk
New risk category =medium risk
Unexpected / unusualtransaction
Unexpected / unusualtransaction
“Medium risk“ set of scenarios will be used“Medium risk“ set of
scenarios will be used
© 2017 Fair Isaac Corporation. Confidential. 12
CustomerAccepted
Sanctionswatch lists
(EU, OFAC, UN)Bad
pressOffshore Leaks Database (incl. Panama Papers)
PEP screeningvia 3rd party
data
3rd Party Applications and Data
Beneficialowner ID Verification
Counter Terrorism Financing
?
Risk Rating(can be defined
individually)
Flexible,Dynamic KYCQuestionnaires
(Siron®KYC)
Not acceptable
High
Medium
Low
CustomerAcceptance Continuous
InvestigationEvery 5th Year*
Every 2nd Year*
Every Year*
* Numbers can differ by country/region
ContinuousScreening
Siron®KYC – 3rd Step: New Information From 3rd Party
KYC
EMB
AML
FALCONReview:
New BO to beconsidered a PEP
New BO to beconsidered a PEP
Change ofBeneficial Owner
Change ofBeneficial Owner
New risk ratingaccording to PEPstatus = high risk
New risk ratingaccording to PEPstatus = high risk
Enhanced due diligence
Closer monitoring;“high risk“ set of
scenarios will be used
Enhanced due diligence
Closer monitoring;“high risk“ set of
scenarios will be used
© 2017 Fair Isaac Corporation. Confidential. 13
CustomerAccepted
Sanctionswatch lists
(EU, OFAC, UN)Bad
pressOffshore Leaks Database (incl. Panama Papers)
PEP screeningvia 3rd party
data
3rd Party Applications and Data
Beneficialowner ID Verification
Counter Terrorism Financing
?
Risk Rating(can be defined
individually)
Flexible,Dynamic KYCQuestionnaires
(Siron®KYC)
Not acceptable
High
Medium
Low
CustomerAcceptance Continuous
InvestigationEvery 5th Year*
Every 2nd Year*
Every Year*
* Numbers can differ by country/region
ContinuousScreening
Siron®KYC – 3rd Step: Behavior Monitoring
KYC
EMB
AML
FALCONReview:
Re-classificationRe-classification
BlockingTransaction
BlockingTransaction
Enhanceddue diligence
Enhanceddue diligence
FraudulenttransactionFraudulenttransaction
© 2017 Fair Isaac Corporation. Confidential. 14
CustomerAccepted
Sanctionswatch lists
(EU, OFAC, UN)Bad
pressOffshore Leaks Database (incl. Panama Papers)
PEP screeningvia 3rd party
data
3rd Party Applications and Data
Beneficialowner ID Verification
Counter Terrorism Financing
?
Risk Rating(can be defined
individually)
Flexible,Dynamic KYCQuestionnaires
(Siron®KYC)
Not acceptable
High
Medium
Low
CustomerAcceptance Continuous
InvestigationEvery 5th Year*
Every 2nd Year*
Every Year*
* Numbers can differ by country/region
ContinuousScreening
Siron®KYC – 3rd Step: Behavior Monitoring
KYC
EMB
AML
FALCONReview:
OFAC match leadsto new category= not acceptable
OFAC match leadsto new category= not acceptable
OFAC matchOFAC match
New risk category =not acceptable
New risk category =not acceptable
Blacklistingof customerBlacklistingof customer
Terminatecustomer and
close monitoring
Terminatecustomer and
close monitoring
Blockingtransactions
Blockingtransactions
© 2017 Fair Isaac Corporation. Confidential. 15
“What is unusual behavior?”
“In future we will see the combination of rule-based detection methods with Advanced Analytics”
Basic profiling capabilities (already part of any Siron®AML installation):
1. … compared to predefined thresholds
2. … compared to stated behavior during KYC onboarding
3. … compared to historic behavior (e.g. dormant account with sudden increase…)
4. … compared to peer group
Advanced Analytics:
5. … based on FICO patented machine learning capabilities…
© 2017 Fair Isaac Corporation. Confidential. 16
Siron®AML Workflow
Operational Systems• Daily
Data• External
Data
Siron® AML
ETL Process
Audit• Scenarios• Analysis• Investigati
ons• Reports• Actions• ...
Transactions
Accounts
Customers
Alerts, Investigation & Case Management• Monitoring• Analysis• Reporting (FinCEN)
Configuration• Set of Scenarios• Customer Groups• Analytics Setup
Profiles/ Statistics
Scoring processAML
Advanced Analytics
Model
Detection Scenarios
Analytics Scoring
© 2017 Fair Isaac Corporation. Confidential. 17
Siron®Anti-Financial Crime Solutions provide analytics capabilities
• Objective: Generating alerts at Low False Positive Rate• Allowing easy setup and configuration of detection scenarios by the end-user• Allowing customer ongoing risk classification• Based on customer data, account data, transaction data, non-monetary events and profile data• Peer-Group Profile comparison. • Historic comparisons
• Profile Base Data:• Sum, Number, Min, Max, Average and Standard Deviation• Per transaction type• Per account / customer• On a monthly bases• E.g. Sum/Number/Min/Max/Average/Std Deviation of foreign transactions per account per
month
© 2017 Fair Isaac Corporation. Confidential. 18
FICO Siron®AML Advanced Analytics:
Current product features and integration
© 2017 Fair Isaac Corporation. Confidential. 19
FICO AML Advanced Analytics
Feature Description Benefit
AML Soft Clustering Misalignment Score
Low Scores – Aligned with peer group, normal behavior. Lower risk.
High Scores – Different from peer group, abnormal behavior. Higher risk or need to revisit KYC.
Reason Codes – Explain why model produced score
Find bad actors based on misalignment with clusters. Complements existing rules-based KYC solution.
No historical SAR data required to train score.
AML Threat Score Low Scores –Behavior is normal for peer group. Not similar to SARs.
High Scores – Suspicious money-laundering activity, similar to historical SARs. Unusual behavior.
Reason Codes – Explain why model produced score
Find more suspicious behavior. Reduce risk of regulatory fines
Prioritize Alerts - Identify which alerts are more critical and investigate first
Improved efficiency of compliance efforts.
Two scores can be used together or independently. Scores from 1-999
© 2017 Fair Isaac Corporation. Confidential. 20
How Analytics delivers value to clients
• AML Soft-Clustering Misalignment (SCM) Score is high for customer whoareoutliers from their peer group and risk segmentation.
• High AML SCM Scores are correlated with known SARs, and also can detect unusual behavior which hasn’t been incorporated in rule scenarios. Better compliance by detecting suspicious behavior before it is a well-known scenario. Lower risk of fines.
• Find legitimate customers who are acting differently than peers. Customers may be underserved by current banking products. Marketing opportunity and improved customer-lifetime-value by updating KYC.
Improve KYC process
© 2017 Fair Isaac Corporation. Confidential. 21
How Analytics delivers value to clients
• Alert Prioritization: Detect suspicious activity faster─ Compliance team investigates based on combination of AML Threat Score and rule
firing. ─ AML Threat Score often increases before a rule/scenario is triggered.─ Reduced regulatory risk by detecting illicit activity sooner
• AML SCM score can also be used for Alert Prioritization─ When lack of SAR training data prevents AML Threat Score from being built.
Find more suspicious activity, and stop it faster
© 2017 Fair Isaac Corporation. Confidential. 22
Consulting to operationalize Analytics
Scores and Rules
Model installation
Data and profile validation
Model go-live
Consortium data sent to FICO
Retrain model
AML Analytics Process
Statement of Work/ Agreement on
Scope
Kickoff meeting anddata dapping
New client
© 2017 Fair Isaac Corporation. Confidential. 23
AML Analytics Maturity Model
Level 1Rules-only
• Rules-only KYC customer decisioning and transactional monitoring• Work all alerts
Level 2Analytic Prioritization
• Prioritize alerts based on analytic model scores• Challenge KYC-based segmentation with transaction-based
behavior analytics• Still rules-first approach
Level 3Scores-first
• Scores first, rules second. • Analytic model drives case-working• Reduced set of rules• Real-time blocking of highest risk transactions
Level 4Adaptive models
• Analytic models with adaptive feedback • Recent SARs influence scores• Advanced investigation based on customer transaction similarity• Rules to respond to regulatory typologies
© 2017 Fair Isaac Corporation. Confidential. 24
Summary
© 2017 Fair Isaac Corporation. Confidential. 25
Differentiators of Siron®Anti-Financial Crime Solutions
• Standard end-to-end software with highly flexible configuration capabilities
• Solution is combining:• Rule based checking• Pattern recognition• Profiling based detection• Link analysis• Advanced Analytical methods (as of version 18)
• One system for a whole corporation –Applicable for banks of all size and type of business
• Holistic 3600 customer risk view, alert and case management
• Investment protection (Hard- and Software, Knowledge) by use of existing system and database technology
• Best-in-class Multi-tenant capability
• Available on-premises / in-the-cloud / hybrid
• Largely automated surveillance
• Sophisticated case management workflow
capabilities (as of version 17)
• System-independently integrated into the IT-
infrastructure
• Scalable performance even for highest volume
of data
• Highly flexible support of any individual
definition of suspicion criteria
• End user-friendly dialog
• Audit trail protocols of all operations and
definitions
• Best-in-industry price-performance ratio
• Easy to update to future versions at low costs
© 2017 Fair Isaac Corporation. Confidential. 26
Highlights using Siron®Anti-Financial Crime Solutions
Secure from Reputational Damages
Live in Peace with the regulator (incl. 314a Search and 504t)
Understand client structure and Risk
Ready for next generation AML
Secure from Fines
Low TCO via a standard solution with rich configuration capabilities
© 2017 Fair Isaac Corporation. Confidential. 27
Jürgen Krieg
• Savings Bank Ulm, Germany
• MBA, Henley Business School
• 12 years selling Core Banking Systems
• 4 years selling regulatory Compliance at FICO TONBELLER, Heading the EMEA sales team
• Living in Mannheim, Germany
© 2017 Fair Isaac Corporation. Confidential. This presentation is provided for the recipient only and cannot be reproduced or shared without Fair Isaac Corporation’s express consent.
Thank YouJürgen KriegDirector Solution Sales – FICO TONBELLER