View
214
Download
0
Category
Preview:
Citation preview
“Today is the perfect day to start
optimizing your Financial Crime
Compliance – do not wait any longer”
19th Bulgarian Finance Tech Forum 2017
Peter Wiatrowski, SWIFT
27th April, 2017
Customer
identification
Customer
Screening
& risk id
Customer
due diligence
Transaction
& customer
screening
Ongoing
due diligence
Behavioral
monitoring
Start Business
RMA / RMA Plus Compliance
Analytics
Payments Data
Quality
Name Screening The KYC Registry
Name Screening
Bankers World
Online
The KYC Registry
Compliance
Analytics
Payments Data
Quality
RMA / RMA Plus
The KYC Registry
Name Screening
Sanctions Screening
Sanctions Testing
List Management
Industry standard
Industry standard utility
built with the SWIFT
community, for the SWIFT
Community
Reduced costs
SWIFT-hosted solutions
help reduce costs
Ease of use
Intuitive workflow with
flexible set-up options and
rich functionalities
Secure
Highest levels of security
and privacy
Benefit from SWIFT’s Financial Crime Compliance services
Enhanced efficiency
Reduce reliance on time-
consuming
and inefficient
manual processes
Scalable solution
Modular technology
enables seamless addition
of new services and
upgrades
Unique insight
Access information based
on the unique global SWIFT
dataset
Fewer unnecessary hits
Quality data combined with
an optimised sanctions
filter reduces false positives
SWIFT KYC Registry
An unprecedented challenge to comply with KYC requirements
KYC
Registry
Increase in regulations
Increase in AML/KYC fines
(>$3 billion/2 years)
Increase in KYC
complexity: FATF/FATCA
The Cost of FI KYC is becoming prohibitive - Clear need for Utilities
6
"The KYC Registry will be a key differentiator in ensuring
the correspondent banking industry increases the
accuracy and efficiency around its KYC process. This is
not a 'nice to have' but rather an imperative (…)”
Standard Chartered
"Data collection times in many cases have been
reduced from days or weeks to a few hours"
Unicredit
“(…) Converse Bank positions itself as a
more transparent, trustworthy and reliable
business partner in its relations with
existing and potential correspondent
banks."
Converse Bank
A standard set of
KYC data
Clear and transparent
standard of ~130 KYC
data elements and 34
documents agreed &
endorsed by the
industry working group
Category I - Identification of the customer* License, Proof of Regulation, Extract from Registers, Certificate of Incorporation
Legal name, address, registration details and regulatory information
Category II – Ownership and management structure* Shareholding companies + UBOs>10%: identifying data
Ownership structure and declaration of Ultimate Beneficial Owners
Board of Directors, Executive Management: identifying data + listings
Annual Report
Category III – Type of business and client base* High risk products and services
Operating geographies and customer verticals
Category IV – Compliance information* Enhanced AML Questions, AML-related contacts
AML docs: AML policies and procedures, Wolfsberg Questionnaire, USA Patriot Act,
response to negative news
Category V – Tax information* TIN, FATCA information
FATCA document
*Not exhaustive list
Standardised baseline
Up-to-date information
Data verification by SWIFT
Cooperative business model
Secure, user-control access
Over 3,600 financial institutions 1,950 + in Europe, Middle East and Africa
1000 + in Asia Pacific
650 + in the Americas
200 + countries and territories worldwide
30 central banks
Creating a global standard
Community deals in:
Armenia, Bolivia, Dominican Republic, Georgia, Greece, Moldova, Panama, Costa Rica,
Turkmenistan, Uzbekistan
30+ Central Banks included:
Plurinational State Of Bolivia, Costa Rica, Ecuador, Cabo Verde, Panama, Iran (Islamic Republic
Of), Jamaica, Namibia, Papua New Guinea, Lao People's Democratic Republic, Guinea, Haiti,
Rwanda, Paraguay, Tunisia, Belize, Iceland, Jordan, Kuwait, Seychelles, Swaziland, Curacao,
Somalia, Dominican Republic, San Marino, Cambodia, Dominica, The Former Yugoslav Republic of
Macedonia, State Of Palestine, Republic Of Moldova, Central bank of Gambia
Sanctions Screening
A quick and easy route to transaction screening
Transaction Screening – Why shall it be a priority
Sanctions impact
• Fines are getting bigger, but more significantly:
Cost of remediation exceeds amount of fine
Includes limitation to business (e.g. no USD clearing)
Regulators pay more attention to the quality of the screening
• Banks are terminating correspondent relationships due to:
Risk factor (weak financial crime controls )
Low return on relationship due to Cost of compliance
• Impacts large and small financial institutions
Especially smaller FIs due to the ever growing requirements
Large FIs face increased regulatory scrutiny
Why are Sanctions so complex?
40,000 names on lists
4 Billion fuzzy combinations
15.5 Billion $ fines levied on financial institutions for violation of sanctions regulations
1 Day
Average interval between sanctions list updates for banks active globally
-50%
Decrease in number of correspondent relationships from some US banks
+100%
Increase in alerts every 4 years due to increase in SDNs and transaction numbers
+20%
Yearly increase in names and aliases on US OFAC list
Sanctions Screening- SWIFT’s hosted screening service
Challenges of small institutions
Regulatory scrutiny and enforcement
of sanctions policies is increasing
Increasing pressure from
correspondents to be compliant
Available screening solutions
complex and costly to maintain
Increasing challenges for low-
volume financial institutions
SWIFT provides
• Screening engine & user interface
• Sanctions List update service with
enhancements
• No additional footprint
• Centrally hosted and operated by
SWIFT
• Real time
• Simple to configure and use
A fully managed service to screen all transactions
Screening & Audit Report
Screening Report
Audit Report: • Copy of each alerted
transaction
• Hit details
• Final status
• 2 monthly reports – .rtf format allowing easy
and fast access
– XML format allowing analysis of hit information
• Audit log of all transactions screened
• Audit log of all operators activity and decisions
• Comments
• Monthly and weekly (July 2016)
Quality assurance Report
• Annual quality assurance checks on effectiveness of the service
• Verifies that lists used mirror regulatory sources
• Measures exact and fuzzy matching capabilities
• Provides details on filter configuration and related impact
• Upon request – no other ‘vendor’ provides this.
500+ Clients
135+ countries
20 central banks
Implementation options
Copy option
Transparent routing of FIN transactions
to the service using FIN-Copy
Few weeks
Zero
Limited
FIN Cat 1, 2, 4, 7
Connector option
Query/response screening of all
transaction types
Few Months
Limited
Unlimited
All transaction types
Your institution Your correspondent
1
2
3
Your institution Your correspondent
1 2
3
Scope
Flexibility
Footprint
Timeframe
Transactions
Screened
Granularity
on what is filtered
Installation &
integration
Implementation
timeline
Same service, same end-user experience, different technical implementation. 17
Name Screening Service
How does NSS Online work?
A powerful
matching
algorithm
generates an
overall score for
each entry
Public Lists OFAC, EU, UN, HMT…
PEP, Additional Research
Private Lists Internal AML Policy Lists
Security Ensured by
Physical Tokens
Data
NSS Results
Enter an
entity, with all
optional
additional
information.
Full Audit Reporting
Hit
generated
Against an
entity
Entities
Matching
Elimination
Criteria
Such as Gender &
Threshold
Adjustments
NSS – Demo
Integrate sanctions
monitoring and due
diligence into your
current business
process with ease
NSS is designed to be easily
added into your current business
processes. Caters to the largest
business requirements, while
remaining easy to use.
Comprehensive Solution
Workflow in a hosted solution
Demonstrate to
Auditors and
Regulators the
Effectiveness of the
processes and tools
your teams use.
Pull out regular reports which
document each decision that
was taken in the tool.
Audit tools
Regular QA reports utilizing
SWIFT’s Sanctions Testing
Service
Quality Assurance Report
Why SWIFT?
Security ensured by
physical tokens to
protect your
information.
Physical tokens protect
information, such as Private
Lists and sensitive decisions
held within audit reports.
Physical Tokens
Remain Compliant,
Avoiding regulatory
breaches, de-risking,
and reputational
damage.
Easily manage a variety of high
quality Data Sources:
Sanctions List Mgmt. Ops–
Public Sanctions lists
Dow Jones – PEP Data, SOR,
Adverse Media, and other
lists
Private lists – Uploaded by the
client.
Daily Validation Reports (DVR) CSP – Transaction Pattern Detection
v01
“The attacks will continue
and get more sophisticated” Gottfried Leibbrandt, CEO, SWIFT
SWIFT Customer Security Programme “There are only two types of companies:
Those that have been hacked and those
that will be hacked” Robert S. Mueller, III, Director FBI
Daily Validation Reports – External
Attackers are organised, sophisticated and well
funded
In the event of an attack, accuracy of data
in interface systems may be compromised
Daily Validation Reports – responding to the insider threat
Banks need to verify the integrity of
payments across back-office and
interface systems
Daily Validation
Reports
Other fraud
controls
Other fraud
controls
Daily Validation Reports - provide a way
to access SWIFT’s record of transaction
activity to mitigate this insider threat and
not having to rely on, possibly
compromised, interface systems.
Daily Validation Reports – External
Activity Reporting – reports aggregate daily activity by
message type, currency, country and counterparties with daily
volume and value totals, maximum value of single transactions
and comparisons to daily volume and value averages
Risk Reporting - highlights large or unusual message flows
based on ordered lists for largest single transactions and
largest aggregate transactions for counterparties, and a
report on new combinations of counterparties to identify new
relationships
Daily Validation Reports
New Counterparties Reporting -
highlights any new combinations of direct and indirect
counterparties. Makes it easy to identify new payment
relationships that may be indicative of risk, and helps you quickly
understand the values and volumes of the transactions involved
Daily Validation Reports – External
Daily Validation Reports
Activity Reporting
Curr
en
cy
Cou
ntr
y
Pa
rtie
s (
BIC
8)
Risk Reporting
La
rge
st T
ran
sa
ctio
ns
La
rge
st C
ou
nte
rpa
rtie
s
(BIC
8)
La
rge
st D
evia
tion
s
New
Rela
tionship
s
(BIC
8)
Benefits
Validates Back-office
Detects Incident response
with
• Uses SWIFT’s record of
institution traffic
• No reliance on integrity of
internal systems
• Identify deviations from
usual
• Highlights new
relationships
• Daily refresh for quick
recovery
A simple, secure way to validate your SWIFT transaction activity and
understand your payment risks
Secures Data protection
with
• Centrally hosted
• SWIFT.com protected
access
• Out-of-band
Daily Validation Reports – External
Key Features
Identify the risks
of key payment
messages
Understand
new payment
flows
Focus your
checks
Understand
aggregate
activity
Get up and
running quickly
and easily
Message Types : MT103, MT202, MT202COV, MT205, MT205COV
Data points: Originator >Sender > Receiver > Beneficiary
Identify unusual transactions: your Top 10, Top 20 or Top X risks
Currency, country and counterparty activity breakdown compared to daily average values and volumes
Cloud-based service with no hardware or software to install or maintain
Daily Validation Reports – External
Demo
Daily Validation Reports
Daily Validation Reports – External
How Daily Validation Reports can help identify fraud – A fictitious scenario
Attackers gain access to the back office systems of “My Bank” and send fraudulent payments.
A total of $150M in fraud is sent from “My Bank” to accounts in Bank X ($100M) and Bank Y ($50M).
- Statements are intercepted by malware in My Bank’s environment – payment records are wrong!
- Payments to Bank X are uncharacteristic, values are usually lower!
- There have been no previous payments to Bank Y
My Bank Bank A
Bank X
Bank B Bank Y
11 fraudulent
payments
totalling $150M
1 fraudulent
payment
of $50M
10 fraudulent
payments
totalling $100M
Identifies new counterparties
Validates activity
Highlights unusual payments 1
2
3
1
2
3
Daily Validation Reports – External
Validate
Daily Validation Reports – External
Daily Validation Reports - Simple, standard, easily understood and powerful reporting
User selectable
report views
Message type, currency, BIC
and date filters
Message type and currency daily aggregates, base
currency, largest transaction, daily averages and
variance
Standardised report views that are
easily understood and quickly actioned
Daily Validation Reports – External
Easily focus your investigation
Uncharacteristic high value or
high volume transactions
Counterparties
Daily Validation Reports – External
33
SWIFT CSP roadshow BG June 14, 2017 in Sofia
www.swift.com
34 CSP - Stream 4 – Daily Validation Reports – September 2016 - Confidential
Recommended