As per the newspaper reports, the number of penalties imposed on financial institutions by the RBI in the last 3 years was Rs 78.60 crores, i.e. an increase of 88% in this period.
The banking sector, which is the first sector to comply with the AML guidelines, seem to still facing the major wrath of the regulators. However, if we compare with banks across the globe, we have number of similar examples where some banks have been penalized repeatedly in the same or different jurisdictions.
The sheer size and nature of the banking sector makes it major target for fraudsters and money launderers who in turn look for the chinks in the armor.
If we look at the BFSI institutions sector, we will see that non-compliance has happened in the following sub sectors:
1. The large full-service banks which are repeatedly found lacking in some areas by the regulator. The major deficiencies are related to KYC guidelines and lack of or delay in reporting suspicious transactions.
2. Co-operative Banks, both urban and rural, have been brought under regulatory scanner more recently. While large number of violations have been noted in this segment, the ticket size of each case is quite small considering their level of transactions.
3. Fintech segment, wherein it is largely believed the focus is on solving problems through technology, often lack a comprehensive risk and compliance team and also lack in knowledge in these areas across the organization.
RESOURCE GAP
If we further analyze the issues faced by these organizations, we will realize that origin of most of these issues can be traced to people and resource management.
KYC related failures mainly occur in the frontline because of
- Pressure of meeting business targets,
- High level of attrition leading to lack of adequate training.
These problems are linked to each other. Some of it is a result of deploying inadequately trained staff to acquire business. Further, an aggressive middle level manager with eye to the achievement of targets can add to the woes of the frontline staff by encouraging acceptance of incomplete KYC documents.
The other major issue is relating to delays and non-reporting of suspicious transactions. Though large banks have a team to review the alerts generated, sometimes the number of alerts generated is very high resulting in delay in clearing the back log. Also, such huge backlogs can result in missing an important clue.
The cooperative banks and the fintechs have problem of adequate resources, i.e. availability of properly trained staff and their proper empowerment. Further, when the business scales up exponentially, compliance team is one of the last to grow.
ORG CULTURE
The development of organizational compliance culture is a major area of concern. While we talk about the ‘tone at the top’, more often than not, the percolation of the culture to all levels – especially to the middle management and the unit management of the organization is not uniform. In such a situation the focus in those levels is always more on the quantity than on the quality of the business acquired.
Most of the financial institutions have now introduced balanced score card in their KRIs to address this issue but the message has not gone to the frontline because of massive attrition and training gaps.
2 SOLUTIONS
It is surprising to note that in a country which has strong regulatory framework in the financial sector, the under graduate or post graduate courses which feed into these industries, hardly has any curriculum covering areas like regulatory compliance, fraud control and operational risk management. A person just out of college has very little idea on such subjects when they join the sales and operations teams of banks. Even if these subjects are offered as elective in these courses, the level of awareness will improve substantially and will help in developing the compliance, risk & governance culture especially in the grass root levels.
The other issue relating to delay in reporting largely emanates out of generation of a very large number of alerts, most of which are ‘false positives’. In order to manage the situation a combination of AI solutions and people management will be necessary. The core team needs to continuously study the alerts to identify their effectiveness so that they can be reviewed and recalibrated periodically. At the same time the basic alerts and transaction monitoring can be effectively conducted through AI solutions which can then throw a second level of alert for human intervention. This will help in improving productivity and also reduce monotony.
To conclude, organizational focus in plugging the loop holes by managing resources, both people and systems, should effectively reduce repetitive failure in administering AML/CFT in banks.
AML Penalty Trends
The global trends relating to penalties imposed on various money laundering related offences has thrown up some interesting trends. Obtaining the exact statistics in this regard is next to impossible, hence this data is based on publicly available information.
Year wise overall penalty:
Sector wise penalties levied in the year 2023
The largest individual penalty of the year of USD 4.3 billion was awarded to US cryptocurrency exchange Binance for failure to report more than 100,000 suspicious transactions including those with terror groups like Hamas, Al-Qaeda and ISIS.
Trends in India for the last 2 years
The major jump in 2023-24 is because of penalty of Rs108.8 million imposed on Paytm Payments Bank. However nearly two-third of the penalties (in number) were imposed on cooperative banks especially non-scheduled urban cooperative banks.
Debmalya Maitra, FCA, Partner, CKSP & Co
Recent Articles:
DeFi is an ‘internet’ in the making
