From the previous article, we have come to known that why different regulatory bodies want to implement goAML and why they are pushing different financial sectors to implement them. However, the problem occurs when the expectation of regulatory bodies does not match with the reality of financial institutions. We are going to share some problems that most financial institutions(FIs) may face at the time of implementing normal along with their solution.
- Gap Analysis:
In a simple sense, goAML is nothing more than reporting transactions online rather than manual reporting. The problem arises when organizations need to provide the information that they have never bother to collect from a customer or input in the core banking system. For instance, providing information about conductor details like name and phone number. That being said, your first objective here is to identify, what additional information is needed from the goAML perspective. In this sense, you need to first carry a gap analysis to identify what information you require for goAML.
2. Technical Feasibility
Now, let’s look at the second problem. To put bluntly, we really don’t know how our Core Banking System(CBS) work. Most core banking systems are designed to carry out financial transactions only. However, many Fis try to customize CBS for KYC management, for which it was not built in the first place.
CBS is a closed system and it should be a closed system. Vendor does not allow any customization in that system but they allow initially at the time of implementation even though, they know that it will bring complexities later. They do this because they need to sell their product. CBS is a system that is composed of various modules where each module is responsible to handle various transactions and these modules are interrelated, therefore, if you make changes in the module it is going to affect others. Since, in the beginning, the organization is not carrying any transaction, so changes made will not have any significant effect, but later it might, hence, vendor or your IT department may be reluctant for the change.
Therefore, a better method is to have a separate KYC system which is linked to CBS through API. There should be a separate database which will combine the information from both of these systems so that you can generate XML files for GoAML reporting purpose.
3. Root Cause Analysis
Ok you have required fields in CBS system will that be sufficient, well no, you need data, only then you will be able to succeed goAML reporting. Again, who provides the data, customer of course but it should be inputted by your front line staff. If your front staff is not educated about this or unaware of the value of the data they will not be interested in putting data.
There are organizations that have large goAML screening teams up to 20-30 staff whose main responsible to dump the goAML report from the system and check for incomplete and inconsistent data. This is a complete waste of time because you are not trying to fix the root problems. The main problem lies with your front line staff. If you are suffering from any instance of incomplete or inaccurate data then there is a problem with your front line staff. It means either they are not educated or they don’t how to identify, collect, and input data from KYC documents or transaction vouchers into the system, and in some cases may be just negligent. Once you identify this problem, you need to solve these issues by providing them with rigorous training, developing different types of checklist regarding how to fill information in the system, or customizing the system itself to make it user friendly. Even after this, your staff makes mistakes then you need to set an example by taking disciplinary action, to give a message to other staff that you have adopted Zero Tolerance Policy for goAML.
4.Lack of clarity of scope.
Regarding goAML, there is always a confusion regarding the scope of AML/CFT or Compliance department, Operation department, IT department. From the GoAML perspective, you need to understand this clearly from the very beginning, as AML/CFT or Compliance department your role is to perform a gap analysis between the requirements of GoAML and CBS to identify what additional information is required. You need to communicate these requirements to your IT and Operation Department. IT department is solely responsible to handle technical parts like creating additional fields in the CBS or build separate systems if required. Now comes the role of the operation department, it needs to develop checklists, educate front line staff on how to carry out transactions, and inputting information in the system completely and accurately. AML/CFT or Compliance Department will play an oversight role to see if all the activities are being carried out to meet the GoAML goals if there is any deviation, corrective measures should be taken. Therefore, it is the utmost requirement that the AML/CFT or Compliance department will call meeting with these departments on a frequent basis to obtain the status of the progress.
However, this is a very ideal situation, the situation is aggravated when there is a lack of coordination exist between these departments and the blaming game starts. Every department has the excuse that they are unable to do so and so because other departments did not cooperate with them. Thus, although the individual department may win by playing this game, the whole organization will suffer.
5. Lack of Top Management Commitment
This mostly happens when the vision of top management is myopic as some management are business motives so compliance may be of less priority. The goAML is usually carried as a national level project by the government which is headed by the FIU of the country. FIU of the respective country usually forces compliance/AML-CFT staff of the organizations to carry out the goAML activities but if the top management is not motivated, they cannot do much. Therefore, FIUs should instead try to make top management aware of the consequences of not able to complete goAML project. It is of great importance that the tone from Top management should be set in such a way that, it must be clear throughout the organization that management is going to do whatever it takes to make the goAML project successful and any non-compliance will be severely dealt with.
if you are going to implement goAML in your organization, trust in this, it is going to be one hell of a ride. However, if you have gone through our article and training videos then we can assure you that your journey will be of a comfortable one.
Thank you for your time. Please do like and share this article if you have found it useful.