Multiple regulators issued a joint statement encouraging banks to embrace innovation when it comes to battling financial crime. In an interview with PYMNTS, DLA Regulatory and Compliance Policy Advisor, Paola Ronquillo weighs in on what’s changed, and what hasn’t, in the wake of the joint announcement – and how CCOs should embrace what may be new found freedom.
Call it the “great banding together.”
News came earlier in the month that several federal agencies have come out — together — in support of banks embracing innovation in their compliance efforts.
Among those agencies, alphabetically speaking: the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC), the Financial Crimes Enforcement Network (FinCEN) and the National Credit Union Administration. The idea is to foster strength in the battle against “illicit financial activity” as banks satisfy various mandates tied to anti money laundering (AML) initiatives and the Bank Secrecy Act.
Thus, said the agencies, banks should eye technology, and should endeavor to “consider, evaluate, and where appropriate, responsibly implement innovative approaches in this area.” Banks will not be penalized if they do not embrace new ways of battling fraud with new tech — meaning they can still adhere to the status quo.
But. Private sector innovation is of value, and pilot programs may be too, which opens the door to FinTech — all of which now can come through industry commentary.
Perhaps think of it as a loosening of oversight? Note that no one method is being championed over another, and of mention are programs including, for example, artificial intelligence (AI).
If failure is in the offing, the intrepid banks will not be “subject … to supervisory criticism.” The bank, for example, that uses an AI platform to help illuminate suspicious activity, and finds evidence of suspicious activity that would not have been uncovered using previously employed methodologies will not have been “automatically” assumed to have been deficient.
It all comes, at least on the surface, as a message of support that also comes at a time when chief compliance officers may be a bit trepidatious. Consider the fact that DLA Piper found in its 2018 Compliance and Risk Report that among CCOs surveyed, as many as 75 percent said they were “somewhat concerned” about personal liability — and only 55 percent said that the resources on hand are sufficient to support compliance programs.
In an interview conducted by written exchange, DLA Piper Regulatory and Compliance Policy Advisor Paola Ronquillo said that “on one hand, the crux of the statement really does not impact much. Any institution already engaged in innovation, e.g., investing in artificial intelligence to improve suspicious activity monitoring to reduce false positive rates, may feel more supported in their efforts. One might think they already knew all of this, that they know even trying something new they’re still responsible for running a safe and sound program and discuss any material change to their program with their regulators.”
But she also said that there are two items in the statement that bear notice about what changes are on offer. One of them is the item that states that pilot programs will not be considered when evaluating what is already in place (as noted above). As Ronquillo said, “the agencies will review the existing program independent of the results of the pilot, good or bad.” She cited the statement by FinCEN that that regulatory agency may consider pre-emptive relief, which is not letting banks off the hook. She said that FinCEN is indicating that under the right circumstances it may consider an exemption to certain requirements, “but only specifically when related to testing of the innovation, again, painting a more encouraging picture.”
The DLA study found that 50 percent of firms and CCOs are using technology in compliance efforts, which leaves some runway for new initiatives. “Suspicious monitoring or sanction screening is an area of ‘low hanging fruit,’” said Ronquillo. “A large part of screening is repeatable and of limited value-add. Aside from proper calibration of screening tools, the portion of the process that has need [of] human review can benefit from RPA or robotic process automation. Those efforts, however, need proper investment of financial or human capital.” She stated that “a promising and necessary area of collaboration between business and compliance functions” at financial institutions resides in new product approval processes.
“CCOs have to let go of the fear,” she said of the overall mindset. “Senior compliance leaders have good reason to be cautious in sharing how they view certain compliance issues at their institutions due to a variety of reasons — including competition with other institutions. … Within reason, so long as compliance leads are being careful in specifics of what they share (especially when dealing with Confidential Supervisory Information), I think there is value in sharing information across institutions.”