A new report by LexisNexis Risk Solutions has found that increased AML regulations, more so than criminal threats, are intensifying compliance costs for UK financial institutions.
Surveying over 300 financial institutions across the UK, ‘Cutting the costs of AML compliance’ reports that a culture of over-cautiousness leads to over-reporting of suspicious activity, resulting in higher volumes of work. Institutions cite media coverage of money laundering and Covid-19 related scams as adding to the burden of the compliance function as this coverage inevitably prompts a reaction from legislators.
This cost equates to an annual spend of £28.7 billion across UK financial institutions, and is expected to grow to over £30 billion by 2023. Firms in the survey reported an average annual AML compliance cost of £186.5 million - with larger institutions citing costs closer to £300 million each year.
“We were surprised, almost disappointed, about the cost of AML compliance to the financial services sector,” laments Steve Elliot, managing director, LexisNexis Risk Solutions, UK and Ireland.
He furthers that to put this in perspective, the entire UK annual defence budget for the year ending March 2021 was £53.3 billion - financial institutions are spending around half of the UK’s national defence budget on AML compliance.
Even more striking, Elliot adds, is that the National Crime Agency (NCA) estimates the total annual cost of serious organised crime in the UK economy to be around £37 billion, “so the cost of complying is not too far behind the cost of the crime itself.”
Adding salt to the wound, research indicates that despite this spend, anti-money laundering policy intervention has less than 0.1 percent impact on criminal finances, and compliance costs exceed recovered criminal funds more than a hundred times over.
“This is really just the perfect storm,” states Elliot. “We have the problem of changing regulations that firms are trying to embrace and adopt with increased frequency, these are increasingly complex, and we also have firms that are trying to solve the problem by throwing more and more people at it instead of changing their approach with technology and data. We end up with increasingly costly, inefficient arrangements to solve the problem of financial crime and to ensure compliance, and that is coming at a high price.”
The report underscores that it isn’t just the regulation itself which is costly, but the time taken to interpret complex legislation which adds to the bottom line. For instance, during 2020, UK money laundering regulations integrated the requirements of the Fifth Money Laundering Directive (5MLD) and UK firms estimate that it will cost on average around £750k to implement.
Quoting a group head of financial crime for a UK specialist lending bank, the report notes that “some of these changes are like turning a super-tanker, particularly for the larger organisations. Processes are embedded, so the sooner you can get the guidance out, the better.”
Elliot also points to Brexit as a pain point for financial institutions who are grappling with the additional layer of complexity that it demands with the separation of EU / UK standards. He says that “the UK sector has generally been very active in ensuring compliance. If you’re comparing the old AML regulations, a lot of the EU states didn't adopt the regulations into law as fast or as comprehensively as the UK did. They were applying lower standards which means we now have again a range of concerns, or a range of issues there that are causing the UK to experience a lot of costs as they seek to comply.”
On top of this, the report states that the industry is supervised by regulators who “don’t necessarily understand the granular impact of some of the changes they’re making.” It reads that for many firms, the cost of complying with money laundering regulations is wholly disproportionate to their size and their level of risk.
To illustrate the point, Elliot points to changes to the sanctions screening which came into effect at the beginning of the year. “The introduction of a UK sanction list in addition to the existing EU sanction lists, might not look like a big change, but where there are differences in names, firms are having to change their systems because they have to comply with both standards. What may appear to be small changes actually can be quite significant.”
Elliot is confident that the 1% detection rate can and should be improved significantly with the correct approach. Using algorithms and machine learning against big data sets, means firms can actually spot real financial crime. This is effective because technology allows firms to use confirmed financial crime patterns and then model that back through the data to look for similar patterns of behaviour across the attributes.
“This is far more effective at finding crime than what happens today. For instance, looking at transaction monitoring today, there's a lot of rules-based transaction monitoring which has high false-positive rates. Using technology will absolutely help to identify who the fraudsters are and detect suspicious transactions in a far more credible way than just manually working through rules like firms currently do.”
Instead of adopting new technology and bigger datasets, Elliot notes that large financial institutions tend to add more people to the process, but of course, there is a limit to what humans can effectively check.
“Applying more and more people might ensure you have quality checking on what you already have, but it's a very expensive way of doing the quality checking and it's against a very limited capability. The actual answer is, embrace new technology and bigger datasets and use that to solve the problem instead of just building on what doesn't work.”