The FinScan Survey
FinScan, a worldwide provider of AML/KYC consulting and compliance solutions, conducted a global survey to see how the anti-money laundering (AML) and anti-financial crime (AFC) compliance communities are dealing with challenges brought on by COVID-19. They surveyed regulators, law enforcement, compliance professionals, auditors, and those in the technology fields to gain some insight on how well financial institutions were able to cope with new demands. The results showed that not only were most companies unprepared, most are still trying to keep up with the security demands of the “new normal.” These insights hopefully will give companies some guidance on how to best move forward, and what can be done to be better prepared in the future.
The Biggest Challenges
The COVID-19 crisis presented three major challenges to financial institutions and compliance.
There were many challenges to the financial regulation industry, as the pandemic created the sudden need for remote work.
Many anti-financial crime compliance departments were caught off guard by the sudden onslaught of the coronavirus pandemic. Here are their biggest challenges:
The transition to working remotely
The top challenge facing the compliance community during the coronavirus pandemic has been the need to work remotely from home while lacking the proper technology and access to internal IT systems required to support such a work environment. Most organizations had employees onsite daily to utilize proprietary systems and software, and when shelter-in-place orders went into effect, many businesses were unprepared for their employees to work from home. Eighty-eight percent of those surveyed had a shelter-in-place order in their area, requiring employees to remain at home. Businesses were not prepared on the IT front to almost overnight have to create a way for employees to work securely from home, and only half believed they could effectively conduct business as usual (BAU) from home.
Firms went into crisis management mode which put a strain on normal operations.
Other than the technological problems behind having employees operate from home, there is also the issue of how to gauge their productivity. Most respondents relied upon manual reporting of productivity, while only some already had an automated system in place. Those with automated systems in place for monitoring felt significantly stronger that business could continue as usual, compared to those that relied on manual reporting.
Increase in compliance risk exposure
Most organizations feel that their exposure to compliance risk has increased, as their normal compliance controls have been compromised due to:
Remote working conditions and accountability
Inadequate IT support
Lack of proper due diligence
Problems with crisis management mode and the roll out new online services
Companies saw their compliance risk increase due to the challenges of the pandemic.
Many financial institutions were fearful of their compliance risk increasing, specifically in regards to fraud, scams, and cybersecurity issues. This is coupled with the risk of conducting more financial transactions online as opposed to face-to-face, and with so many employees working at home, the risk of data leakage.
Although some respondents said that their risk levels were mitigated by the fact that their overall transactions had stopped or slowed, allowing them time to do due diligence on those transactions they do have. Another reason risk was decreased for certain institutions was that some companies were prepared already with cloud-based solutions and remote IT accessibility.
Rise in criminal activity
The sheer increase in the number of criminal activity attempts and increased alert volumes were also identified as key risk drivers. 63% of respondents expected that criminal activity levels would rise. This rise in criminal activity would be due to the challenges mentioned above–issues with work from home security and an unreadiness to conduct business as usual. As many companies see their compliance risk increasing, they are also dealing with the chance of elevated criminal activity as well.
In addition to criminal activity, institutions will also need to tackle alert volumes and backlogs from the inability to get back to normal operations, and are worried that their ability to meet regulatory requirements would be hampered due to the pandemic situation.
With firms in crisis mode, many fear that there will be a rise in criminal activity.
Backlogs were expected to increase due to the lack of availability to access IT systems, decrease in staff, and issues obtaining customer information for due diligence. Many institutions are operating in crisis mode, with normal compliance tasks pushed further down the list, causing increased backlogs.
Key takeaways from the FinScan Survey
Ways to prepare for the future
Throughout the survey, there was a correlation between having a business continuity plan in place and the organization’s level of risk exposure. For those who had a business continuity plan in place, had automated employee productivity monitoring, and had mitigation factors such as IT systems that allowed for remote work, the reported risk level was lower. Having a plan in place will save time and decrease risk, and allow a company to get out of crisis mode and return to “normal operations” faster.
Institutions should work towards having a business continuity plan in place to help limit future risk.
Monitoring staff productivity in a remote environment is still the greatest challenge, especially due to limited automation capabilities which is shown to significantly limit general readiness for business continuity and increase risk exposure. Having employees work on personal systems is not ideal, and many companies are still coming up with ways to tackle this issue. Better risk mitigation factors such as remote IT accessibility and automated monitoring can help lower compliance risk and backlogs.
Those using automated management dashboards were 2x more confident in their “business as usual” (BAU) readiness than those with no way of monitoring staff productivity. Those businesses with no automated system should consider getting onboard with an automated process for monitoring productivity in the case of a future disruptive event.
This crisis has highlighted the digitalization of AML compliance functions can be improved, especially in the areas of customer onboarding and enabling virtual “anytime, anywhere” compliance to support increased online customer transactions.
Although the sudden implications of a crisis such as the COVID-19 pandemic could never have been foreseen, it shows that companies that put the effort into planning ahead will find themselves ahead of the game. Many organizations feel that they have some level of business continuity planning in place – but did not sufficiently plan to accommodate this particular pandemic situation – an opportunity arises to incorporate a more pandemic-related risk-based approach into their existing business continuity frameworks.
Download the full report for more details
Read the complete study to find out how the anti-financial crime and AML compliance community around the world is coping with COVID-19 challenges and what the key learnings and implications are for the “new normal”.