This week RBS found the
spotlight in an unenviable way when it was fined GBP 5.6M by the Financial Services Authority (FSA) for insufficient controls over payments screening processes. According to news articles, the list of transgressions include a breakdown of manual procedures
and also inadequate technology functionality. Regulators in the UK and USA are notoriously strict when it comes to enforcing transaction screening for blocked parties due to the potential risk of terror financing and other illicit purposes. Lloyds TSB and
ABN AMRO have also fallen foul of this in recent years.
The lot of an ops manager responsible for the screening function is not easy. Payments must be scanned against multiple watch lists issued by government bodies, beneficiary details in the payment may be mis-spelt, and alternative spellings in foreign languages
cause challenges too. As the list of blocked parties grows, and the tactics used by nefarious characters around the world results in an increasing number of false positives. I don't envy anyone with the responsibility for the timely update of watch list databases,
and development of compliant processes and procedures.
Pressures on Risk Management
But it isn't just high value international payments from less regulated countries that require scrutiny. Payments made over domestic 'low value' systems are increasing in value, and there is a general trend toward reducing the latency in payments execution
across the board. More batch systems are giving way to real-time processing. In turn, this places extra pressure on risk management and compliance controls to intercept suspect transactions, and for ops managers to apply timely decision making at the review
Up In The Clouds
A knock-on aspect of this is an onus on government regulators to disseminate and publish the data changes as expediently as possible to eliminate lag in the system. Cloud computing is a natural environment to help mitigate some of these risks and the ability
to store and manage reference data such as watch lists, and make that data universally accessible to compliance vendors and banks around the world could significantly reduce latency and errors in data management.