Blog article
See all stories »

Payment Screening in the Cloud

This week RBS found the spotlight in an unenviable way when it was fined GBP 5.6M by the Financial Services Authority (FSA) for insufficient controls over payments screening processes. According to news articles, the list of transgressions include a breakdown of manual procedures and also inadequate technology functionality. Regulators in the UK and USA are notoriously strict when it comes to enforcing transaction screening for blocked parties due to the potential risk of terror financing and other illicit purposes. Lloyds TSB and ABN AMRO have also fallen foul of this in recent years.

The lot of an ops manager responsible for the screening function is not easy. Payments must be scanned against multiple watch lists issued by government bodies, beneficiary details in the payment may be mis-spelt, and alternative spellings in foreign languages cause challenges too. As the list of blocked parties grows, and the tactics used by nefarious characters around the world results in an increasing number of false positives. I don't envy anyone with the responsibility for the timely update of watch list databases, and development of compliant processes and procedures.

Pressures on Risk Management
But it isn't just high value international payments from less regulated countries that require scrutiny. Payments made over domestic 'low value' systems are increasing in value, and there is a general trend toward reducing the latency in payments execution across the board. More batch systems are giving way to real-time processing. In turn, this places extra pressure on risk management and compliance controls to intercept suspect transactions, and for ops managers to apply timely decision making at the review process.

Up In The Clouds
A knock-on aspect of this is an onus on government regulators to disseminate and publish the data changes as expediently as possible to eliminate lag in the system. Cloud computing is a natural environment to help mitigate some of these risks and the ability to store and manage reference data such as watch lists, and make that data universally accessible to compliance vendors and banks around the world could significantly reduce latency and errors in data management.


Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 23 August, 2010, 11:20Be the first to give this comment the thumbs up 0 likes

While I don't underestimate the challenges involved in sanctions screening, especially those related to non-English names, what I've seen and heard does lead me to believe that it is possible for banks to surmount them by using currently-available technologies.

(a) The payments landscape in a large UK bank comprises of 4-5 applications, some of which are modern and can accurately process names and addresses containing acute, grav, umlaut and other accents used in European languages, whereas others are legacy and simplistically skip such accent marks. If only the legacy apps were upgraded, the whole payments shop would derive the ability to overcome language-related challenges

(b) Algo trading applications arguably handle far more dynamic data (e.g. stock price data that change far more frequently than whitelists and blacklists used in sanctions screening) yet operate at far lower latency (e.g. milliseconds) as compared to most payments applications. By adopting memory-resident databases and other technologies used in algo trading, payments applications would be more capable of responding to dynamic data.