Home / Crime / 75% of banks aren’t checking for money launderers

75% of banks aren’t checking for money launderers

I got a shock the other day. 

We were discussing transaction processing with one of the banks,
when  the head of transaction processing
turned to me and said: “Chris, you know what? 
We now have more people checking what we are doing than we have doing
what we are doing!”

I think I was supposed to be surprised, but I didn’t quite
get it and asked what he meant.

“Well, now we have all these rules and regulations on Know
Your Client (KYC), Anti-Money Laundering (AML), tracking and tracing
Politically Exposed Persons (PEPs) and identifying and notifying authorities of
suspicious transactions with SARs (Suspicious Activity Reports) means that we
have more people employed in money laundering, compliance, audit and control
than we have employed in the actually business of running the bank.”

This seems ridiculous, I say.

After all, you
can automate all this stuff.

“Automate all this stuff, you say?  And how do we do that?  Most of this is making disparate connections
between fragmented data and much of it involves actually seeing people to
ensure they are who they say they are.”

So it’s a matter of document proofs and data analysis, both
of which I was dealing with back in the 1990s when AML was just an evolving art
and KYC we being introduced.

“It is that but, if you’ve been dealing with this since the
1990s, then it’s obvious that it cannot be computed as, if it could have been,
it would have been by now.”

Hmmm … I’m now sure I believe that.  After all, there are many elegant AML
solutions out there so perhaps the issue is not automation but organisation.

For many banks, payments and operations are dispersed over
many organisational functions and locations.

A multinational or global bank will often be the result of
mergers and acquisitions, and little will have been integrated on a globalised

Potentially you can put into play overlay systems, data
mining tools, aggregating services, but the issues will still be there of organisation
and operation.

There is also the question of priority: is catching the odd
awkward transaction a priority for the bank’s senior management team?

For example, the UK has some of the toughest AML legislation
anywhere in the world where, under the Proceeds of Crime Act 2002, you can get
fourteen years in jail if found guilty of laundering.


And yet a 2011 report by the Financial Services Authority (FSA) found that: “three quarters of the
in our sample failed to take adequate measures to establish the
legitimacy of the source of wealth and source of funds to be used in the
business relationship.”

So this area of the business is not as relevant to
banks as it may at first appear.

Certainly this was the case historically, as I don’t know of
many management teams who have cut through the silos, operations and global
spaghetti to create an integrated single platform view of the customer.

It’s just not something that justifies the operational pain
of change or the cost to warrant it.

Unless you get into deep doo-doos, like Standard Chartered
and HSBC did recently.

Then the awakened concerns of bank management around
reputational risk arise.

And when you add on to this the prospect of stinging fines
of anything from $300 million to over $1 billion, the cost of implementing such
change becomes warranted.

So I reckon AML will be a major focus for at least the next

Watch this space.


About Chris M Skinner

Chris M Skinner
Chris Skinner is best known as an independent commentator on the financial markets through his blog, the Finanser.com, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal’s Financial News. To learn more click here...

Check Also


URGENT: Open this attachment or your account will be suspended

I wake up today with the usual massive dump of emails, two of which looked …


  1. Thanks for this post Chris. It explains so much about the people who are supposed to have the responsibility for ensuring a ‘best practice’ standard in AML/STF interdiction. There are perfectly good AML systems available in the market which will enable practitioners to take the AML compliance process through from A to Z. Thomson Reuters have Accellus, which will do the job superbly. However, there is no solution available in the market which will work well if the institution itself has not undertaken a proper ‘Risk-Based Approach (RBA) analysis, and this is where the vast number of institutions fall down badly. They are unwilling to spend the time or the money to undertake a proper and effective RBA analysis, so they cannot map their AML interdiction systems to their RBA closely enough, which means they end up pulling down hundreds if not thousands of false positives, all of which need to be excluded, which is time consuming and labour intensive. If only these people who are doing all the moaning would bother to bring in some decent analytical consulting skills who could advise them on the proper mapping process, and help them calibrate their risk appetite, and a great deal of these problems would go away. As it is, most of these banks just implement expensive systems, but never use them properly. They do it because all they are looking for is a ‘tick-box’ solution because they think that is what the FSA wants to see. They can achieve so much of their needs if they employ the right solutions and implement the correct processes, but all too often, they don’t want to spend the money to achieve those ends. Your commentator was just evincing the typical negative bank-response to AML/STF needs, all of which were so well enunciated quite recently at an evening event I attended!

  2. Compliance and AML people are often caught between a rock and a hard place. In large organizations their function is often specialized and fragmented when they need a larger picture. In smaller organization their attention is often divided between on-boarding, compliance reviews, rating and reviewing products and services, monitoring trades and traders, monitoring and reviewing relationship managers, writing policies and procedures and so on. As you so rightly remarked; you can’t automate everything. Even the smartest system needs quality data to work with. That data is often spread over dozens of systems, sometimes in different jurisdictions with different management and different agenda’s. That is why compliance needs to be an integral part of the business model of a bank. You don’t obey the law because you have to but because you want to. All too often this is forgotten under the pressure of shareholders that want to see results and of clients who don’t want to be bothered with awkward questions from their banks. ABN AMRO has felt the sting of the regulator threw vast amounts of money, time and resources at the compliance function and almost wrote the book on anti-money laundering and anti-terrorist financing. I’m sure HSBC and StanChart will do the same. The issue is to keep the standard high, even when priorities change. Compliance people are like teeth, if you ignore them, they go away.

  3. AML/CTF regulations effectively conscript banks as unpaid policemen in
    respect of financial commerce. Why banks should be policemen of the
    state in this manner is an interesting philosophical question that
    receives too little attention. For some reason, it’s just assumed that
    because banks can monitor commerce, they should monitor it for state
    police purposes so that the state can interdict commerce it disapproves
    of or seize financial assets of people, entities or countries the state
    takes a dislike to.
    Requiring banks to freeze payments and assets associated with AML/CTF
    targets allows the state to interdict commerce and seize property
    without due process of law. Evidence? Prosecution? Trial? Why bother
    when you can just grab the money or assets by adding a name to list with
    no process of appeal or review?
    The costs of the AML/CTF systems are high, the penalties are high, but
    the banks earn no revenues and achieve no commercial benefit from
    AML/CTF policing. It’s not even clear the state achieves a benefit, as
    the millions of SARs filed seem to vanish into a black hole, resulting
    in no prosecutions of evildoers.
    If AML/CTF makes the news, it’s not because it has ever proven
    successful in catching evildoers, but because banks are being fined for
    not being strict enough. And the enforcement actions often seem highly
    selective, especially in the US, where it seems only non-US banks are
    investigated and sanctioned, and non-US entities are the main targets of
    AML/CTF enforcement. US enforcement actions, particularly against EU
    banks, smack of protectionism masking as compliance. US sanctions
    against countries smack of economic aggression without diplomatic recourse.
    The situation isn’t helped by shifting goalposts. One of the challenges
    in AML/CTF is the constantly shifting and growing scope of sanctions,
    particularly as the US shifts its “axis of evil” around to new countries
    with startling regularity and expands the “war on drugs” and “war on
    terror” to hundreds of thousands of unreviewable targets. There is no
    mechanism for appeal against the US blacklist, and so no way for a bank
    to gain comfort that someone legitimate with an unfortunate name will
    not cause them grief. All AML/CTF systems have to be constantly undated
    against multiple target databases to stay current, a very expensive
    reconciliation challenge in itself.
    Countries that were legitimate business partners a few years ago are now
    off-limits, and banks have to re-evaluate all business relationships
    constantly to be secure against retroactive enforcement. The current
    actions against UK banks doing perfectly legitimate, longstanding
    business with enterprises linked to Syria and Iran, accepted as okay by
    previous US administrations but now selectively prosecuted, are a good
    example of this.
    If the police and compliance burdens on banks now exceed the business
    rationale for banks, perhaps it is little wonder that the commercial
    banking business model has failed. Payments are a commodity business,
    with narrow margins, and those margins are eroded by the high costs of
    AML/CTF systems, maintenance and compliance. If banks are central to
    state police powers, however, and particularly to the arbitrary and
    unreviewable exercise of state powers of expropriation without due
    process, it may also explain why states need to bail out banks rather
    than let them fail.

  4. Irritated beyond my tether

    The AML/CTF etc thing is going nuts and some of the rules are too big to understand.
    For example, payment processors (PSPs) are required to check out that the purpose of a bill payment is legit. E.g. if the fund transfer is a top-up payment as a result of a vendor under-pricing his goods on the official invoice (so as to avoid tax), with the balance of the funds coming some different way – then the regulated PSP who sends the top-up is breaking the law and hence could lose his operating licence which is game over.
    So before he makes the payment, he is required to a) know it’s part of a bigger picture b) understand that the bigger picture is clean. This is at the ‘mild’ end of things.
    If a PSP got involved in paying for refrigerators destined for someone in an sanctioned country, then it’s the other end. It’s called ‘third-party’ payments and requires ‘enhanced due diligence’.
    Quite how the PSP is supposed to know or find out in a cost-effective way (given that anyone dodgy will obfuscate), is beyond me.
    The G8 may want money transfer fees to be halved (the 5×5 initiative), but they better go talk to the G8 about its AML policies.
    I think the regulators have missed a trick here – the guys who make most money in this business (and hence are best placed to carry some of the weight), and see the transaction before the PSP and hence know most about what’s really going on, are the FX houses.
    However the regs focus on the PSPs. I have seen the FX guys lobby to land the regulatory pain on the PSPs – they know exactly what they are doing.
    These regs are being imposed by the post-developed economies and like FATCA are an extension of their national policy thru’ the global banking system. Wonder if that will break it?

Click on a tab to select how you'd like to leave your comment

Leave a Reply

Your email address will not be published. Required fields are marked *