The most common financial compliance mistakes – and how to avoid them

This is not the first time we have described the critical situation of financial compliance. This time, however, we want to focus on some specific mistakes that firms, and financial institutions in particular, keep making in their compliance workflows. We also want to offer them a solution in two parts: the first is a new approach to compliance, and the second is adequate technological tools. As a brief recap, banking compliance operations are currently based mainly on manual work, which makes them very time-consuming and subject to operational risks. Besides, according to a PWC analysis of the 2015-18 period, regulatory detection and impact analysis operations alone represented 15% of total compliance costs. In the USA, the costs associated with compliance are as high as 10,000 dollars per employee (source: University of Pennsylvania). In fact, much of these operational costs arises from the salaries of employees performing manual processes such as document review and audit, data entry, document tracking, internal and external communication and so on.

Compliance mistakes mean operational and reputational risks… plus sanctions

It is hard to single out specific mistakes in the field of financial compliance, as the entire sector is affected by operational and strategic risks related to the impossibility of automating the collection and analysis of an ever-growing amount of regulations that can no longer be monitored by humans. Still, the UK magazine Growth Business tried to sum up the most common and impactful compliance mistakes in finance, which are:

  • Reusing documents and thus generating inaccurate information: when creating new compliance documents with a manual process, there is a risk of leaving in old information and unrelated regulations
  • Typographical and content errors: manual work also creates the risk of leaving typos or draft content in official documents, affecting their accuracy
  • Referring to outdated regulations: manually generated documents can potentially include old versions of regulations, thus invalidating the whole document

These are just a few examples of the kind of mistakes caused by manual work within compliance workflows. Taken together, these mistakes can also expose financial institutions to huge sanctions from supervisors, as reported by FinTech Global. At the beginning of 2022 the financial magazine published a ranking of the five biggest compliance failure fines of 2021, in terms of penalties imposed by UK and EU authorities on financial institutions for non-compliance. Here are the firms' names, the amounts of the fines and a brief recap of the reasons for the sanctions:

  • ABN Amro – 480 million euros (failed to identify accounts involved in money laundering, to conclude relations with suspicious clients and also to report such transactions to the relevant authorities)
  • NatWest – 308 million euros (failure to properly monitor the activity of the commercial customer Fowler Oldfield)
  • Credit Suisse – 172 million euros (financial crime due diligence failings related to loans worth 1.3 billion dollars arranged for the Republic of Mozambique)
  • JPMorgan – 118 million euros (widespread and longstanding failures by the bank to maintain and preserve written communications)
  • Deutsche Bank – 113 million euros (violated the Foreign Corrupt Practices Act)

It’s clear how all of these examples confirm a critical situation in the field of financial compliance, but not all is lost.

Financial compliance can become effective with a new approach…

The first thing that needs to change is the way regulators and financial institutions publish and share data. An electronic version of financial regulations is more and more necessary, as structured and machine readable regulations (and therefore digitally accessible ones) would open up the possibility for firms to keep up with the unmanageable amount of regulatory updates. Besides these issues related to the interoperability and data management of banking regulatory documents, which we address in a dedicated post, financial institutions also need to follow some best practices, clearly summarized in an interesting post by our partner Deloitte focused on the management of risk assessments within financial institutions’ compliance workflows.

  • Establish clear risk ownership of specific risks and drive toward better transparency, by identifying the individuals responsible for managing each type of risk
  • Make the assessment actionable, by prioritizing risks and indicating how they should be mitigated or remediated
  • Solicit external input when appropriate to inform the assessment and ensure that it incorporates a detailed understanding of emerging compliance issues
  • Treat the assessment as a “living” document, therefore always evaluating any news and making changes to the assessment itself
  • Use plain language to make the assessment clear, easy to understand and actionable
  • Periodically repeat the risk assessment to ensure its consistency over time, also because risk intelligence requires ongoing analysis to identify emerging risks or early warning signs
  • Leverage data, by incorporating and analyzing key data to gain a deeper understanding of where existing or emerging risks may reside within the business.

What Deloitte suggests to financial institutions is to conduct thorough assessments of compliance risk exposure, also including both a comprehensive framework and a methodology for evaluating and prioritizing risk. But how to do that if the needed information is lacking or requires a long time to be obtained?

… and by exploiting Aptus.AI’s innovative features!

Easy: with Aptus.AI! Without prejudice to all the previous statements, a new approach and a correct methodology for facing financial compliance issues can be put into practice only together with the possibility of getting the right information in a reasonable time. This can be achieved through a standard and machine readable version of regulations, created by Aptus.AI by integrating an international regulatory standard with Artificial Intelligence. Its AI engines collect and analyze financial regulations in place of humans, offering them a first impact analysis that considers the internal processes and policies affected by any regulatory update, and making these documents integrable in all the GRC (Governance, Risk management and Compliance) systems used by financial institutions. Exploiting Artificial Intelligence, the platform is therefore automatically updated in real-time on regulatory updates and notifies users via email about the changes in their regulations of interest, also automatically extracting all the related obligations and penalties. These innovative features allow financial professionals to avoid the time-consuming and risky manual work they currently need to do, while providing them with the information they need to make the right decisions.