Financial companies want to turn regulatory burden into competitive advantage
The war on terrorism is hitting financial-service companies hard. For more than a year, the government has pressured banks and other financial institutions to report suspicious activity that might indicate money is being funneled to terrorists or laundered to hide its origins. Every couple of months, the Treasury Department proposes rules that force banks to collect more data, dig deeper into databases, and refine their analyses, increasing the regulatory burden on an industry struggling to comply with existing rules. Last week, Treasury extended anti-money-laundering rules to jewel traders and opened discussions on applying them to auto dealers and travel businesses, all industries that handle large monetary transactions.
Many financial-services companies now use IT to spot possible criminal activity. Larger banks, especially, spend millions on software that watches for suspicious transactions and unusual patterns. Small wonder some of those-Wachovia Corp., for example-are looking for ways to squeeze more value out of compliance tools, which provide extensive information on customer behavior, by extending their use across the business.
Before 2001, banks had to closely monitor only high-risk areas, such as private banking, for suspicious activity and report transfers of more than $10,000. The USA Patriot Act, passed in October 2001, added extensive anti-money-laundering rules, requiring financial institutions to report a wider range of suspicious activities. Now a customer transferring $100 a thousand times can be tagged as suspicious, as can two accounts with different names and addresses but the same phone number. And it isn't just data on individuals that's targeted. Mutual funds, corporate accounts, insurance policies, hedge funds-all financial accounts-are being examined closely. Complicating the picture: There are no agreed-upon definitions of what constitutes evidence of money laundering, and no technologies have been designated as satisfying compliance requirements.
Automating this tracking and analysis can cost $100,000 to $10 million, depending on how extensive the effort. U.S. banks and insurance and securities companies will spend $11 billion by the end of 2005 to comply with anti-money-laundering regulations, predicts Celent Communications LLC, a financial-services research company. More than a third of that will go to software, hardware, and IT maintenance.
Wachovia is looking for other ways to use the data and analysis that regulatory-compliance tools generate, says the bank's chief compliance officer, Langley.
Given the high price, finding other uses for these tools makes sense. "We have to look holistically across the company to see if there are other partners that would benefit from this, and if the customer is better off if we involve other parts of the company in this," says Bill Langley, Wachovia's chief compliance officer. He's faced with keeping the financial-services company-the fifth largest in the country with $342 billion in assets-in line with ever-evolving rules, and he knows that noncompliance can be costly. Broadway National Bank in New York was fined $4 million in November for failing to establish a federally mandated anti-money-laundering program, among other lapses.
Technology is the key to compliance, Langley says. "We've been asked to ferret out transactions that might be money laundering," he says, and with nearly 30 million customers, that's a lot of transactions. It's important that compliance software be able to handle volume, look at every kind of transaction, offer several interfaces, and come with good reporting tools, says Langley, who's working with director of IT Dwayne Allen to evaluate products. Allen's staff will make sure the software meets performance standards and is compatible with existing systems.
At least a dozen vendors, including SAS Institute, Sybase, and Sun Microsystems in partnership with Mantas, have tools that help with compliance. SAS, one of the vendors on Wachovia's shortlist, has data-mining tools that Langley says will identify abnormal transactions. SAS entered the anti-money-laundering software market last year with data-gathering and reporting software that lets customers modify and prioritize the logic that determines what data gets collected and how it's assessed. The software refines business rules and formulates new ones to increase the accuracy of its automatic detection engine. Analytics help weigh rules violations and rank suspicious behavior.
Using one system to analyze customer transactions across all parts of a business is essential as criminals find ways around new rules. Mantas Corp.'s anti-money-laundering system runs on Sun's computers and performs link analysis, examining all transactions for suspicious behavior. That paid off for one of Mantas' clients when the system flagged a bunch of small, seemingly unconnected perfume companies in Texas that were making frequent transactions with a large Northeastern manufacturer. "On the surface, they all looked like fine firms, but looking at the aggregate behavior, there were problems," says Jeffrey Jones, head of Mantas' business development. That case has been turned over to law-enforcement officials.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.