AML/CFT Process Simplified:Understanding goAML(part 1)

0
4628

If you are in the financial institution sector, you must have heard the term GoAML. This two-part article series will explain what is GoAML, why was it introduced, what are nuts and bolts behind it.

 What is goAML?

GoAML application is one of out of many solutions provided by UNODC to combat worldwide financial crime in the areas of money laundering and terrorism financing. It is the integrated database and highly intelligent system pioneered by Enterprise Application Center Vienna(EAC-VN).The Enterprise Application Center Vienna(EAC-VN) of the United Nations Office in Drugs and Crime(UNODC) specializes in the development, implementation and support of GoAML used by its Member states.The goAML application is available to Financial Intelligence Units of Member States as of March 2020, out of 111 Member FIUs, 49 have already deployed goAML.

FIU and goAML

As you all know that FIUs play vital role in preventing money laundering and terrorism financing. They do this by collecting, processing and analyzing suspicious activities report that they receive from financial institutions or other entities as per AML/CFT laws of the regime. GoAML will act as central repository to create database of reports on such SAR/STRs.Then after GoAML performs following functions

  1. Collection: It receives the SAR/STRs submitted by FIUs
  2. Analysis: FIU will then perform different types of analysis based on different scenario and carries out risk scoring and profiling.
  3. Data Sharing: The data is exchange between  FIU and regulatory bodies, intelligence agencies or international bodies on the basis of mutual agreement.

Demystifying goAML

The GoAML system has built in 14 separate functions into one software which includes data collection, data evaluation and clean up, ad-hoc queries and matching, statistical reporting on information/reports received and processed, structured analysis, account profiling, rule-based analysis, workflow management, task assignment and tracking, document management with full text search capacity, intelligence file development and management, data acquisition/integration from external sources, integrated charting and diagramming and an intelligence report writer tool.

Source; https://gocase.unodc.org/gocase/en/goaml.html

The goAML system is driven by a security model that specifies the kind of access rights each user has, and which provides an audit trail and log details for every transaction performed by all users. The goAML solution is well suited to both low and high data volume environments.

   GoAML stores following types of report received by FIU:

  1. Cash Transaction Reports (CTR).
  2. Suspicious Transaction Reports (STR).
  3. Unusual Transaction Reports (UTR): UTR relates to all unusual (cash) transactions that might be suspicious.
  4. International Funds Transfer (IFT): IFTs are the in which money is sent to from one country to another.
  5. Cross-Border Report: Transactions that involve sending or receiving money across borders.
  6. Additional Information File (AIF): AIFs are replies to requests for information when the analysts require more details on transactions, involved persons, accounts, or entities.

It also interesting to note that FIU of different countries has different level of maturity. The competency, availability of resources to one FIU may be different from other FIU in another country. FIU Information System Maturity Model (FISMM), developed by the Egmont Group of FIUs, is a comprehensive framework to enable FIUs of varied sizes and contexts to assess the maturity level of their processes and IT systems. Five types of FIUs (in terms of FIUs of sizes and contexts) have been identified:

  1. Small FIUs in fragile countries
  2. Small FIUs in stable countries
  3. Average FIUs
  4. Big Data FIUs
  5. FIUs supporting a distributed user community or distributed financial institutions

In line with this different architectures of GoAML has been develop to support different level of FIUs, they are also of five broad categories.

  1. goAML in the box for small FIUs in fragile states;
  2. goAML SE for small FIUs in stable countries;
  3. goAML SE – goINTEL for average FIUs;
  4. goAML EE for big data FIUs; and
  5. goAML D for FIUs with distributed user community and/or distributed financial institutions (with commercial/financial free zones)

The main purpose of GoAML is to:

  • Facilitate various countries in meeting international standards through creation of  effective Financial Intelligence Units (FIUs)
  • Develop standard global anti-money laundering platform
  • Create customize system to meet  needs of any type of FIU
  • Become User Friendly by providing standard graphical user interface
  • Develop more user base.
  • Promote good relationship with many international and regional institutions

Technicality:

So in simple words, goAML is online reporting of your regulatory reports mainly TTR and STR. This is done via XML file. You will have AML solution system which will generate transaction reports that are in the XML format and the same XML file will be uploaded. For those who are not aware of XML, let’s dig it little deeper.

XML is short form of eXtensible markup Language and it was designed to store and transport data. It does not do anything, it is information wrapped in the tags. For example:

<email>

<to> Mr.Bond</to>

<from>Dr.No</from>

<heading>Spectre</heading>

<body>No on Lives Twice!</body>

</email>

The above tags are not defined in the XML, they are invented by author(Dr.No in this case) to carry information from one system to another. These tags in XML file as a whole refers to element. These element can contain text, attributes, other elements. In this case<email> is element which contains text tags like <to>,<from>,<heading>,<body> and it contains text information.XML stores the data in plain text format so exchanging between different system is simplified.

XML Schema

For every XML file there should be XML schema, For the above XML file , the following is the XML schema.

  • <xs:element name=”email”> defines the element called “email”
  • <xs:complexType> the “email” element is a complex type because it includes other types of elements/text within its tag.
  • <xs:sequence> the complex type is a sequence of elements i.e different tags
  • <xs:element name=”to” type=”xs:string”> the element “to” is of type string (text)
  • <xs:element name=”from” type=”xs:string”> the element “from” is of type string
  • <xs:element name=”heading” type=”xs:string”> the element “heading” is of type string
  • <xs:element name=”body” type=”xs:string”> the element “body” is of type string

Therefore, XML schema is a syntax for XML file. For e.g, in <body> tag, if you supply numerical input, then your XML file will not be validated because <body> tag only accepts data in string/text format. So, if there are data error in your XML file then your XML file will not be validated because it will inconsistent with XML schema.

Validating XML file

  1. Regulator Site:

Most probably your regulator will have provided the site in which you can validate your XML file for any errors. You need to copy/paste your XML file and click on submit/validate button to check XML file for any errors.

2. Online Site:

There are various online sites that provide the same facility as your regulator site. Here, they have option to upload XML schema file in one section and copy paste XML file in another section. Then you can validate those files. However, caution is required here, since the you are trusting your confidential data to unrelated third party, so confidentiality of the data may not be guaranteed.

3. Plugins

If you are using Notepad++ or other software for editing XML files then you have option to install plugins to upload XML schema file for validating your XML files.

However, with all the above options, there is one flaw. These options are only suitable if you are trying to validate XML files one at a time. Remember, you may have hundred of XML files for TTR and STRs reports. It will be time consuming to validate each XML files one at a time. Therefore, you may need to contact Vendors who can provide you with bulk validation of XML files.

4. SIORIK goAML Bulk Validator:

We have also launched a product called SIORIK goAML bulk validator, the main feature of this product is that you upload the whole  folder of XML files and verify it against the XML schema. Further, if you are involved in Nepalese Banking and the financial institution, we have good news, with the purchase of this Bulk Validator, we will provide you with customized XML schema which is an improved version of XML schema provided by FIU. It detects inconsistencies like a missing source of fund, permanent address as well as whether the PAN is in numerical format or not. If you want, you can purchase this product by clicking here. The following video shows the demonstration of this product.

In the next article, series we will discuss, what problem do usually financial institutions face while implementing goAML in their organization.

Thank you for reading. Please like and share this article, if you have found this article useful.

[stextbox id=’alert’]ARE YOU PLANNING TO TAKE ANY PROFESSIONAL CERTIFICATION EXAM LIKE CAMS, CISA, CISSP, CER OR OTHERS, SOONER OR LATER. TO HELP YOU IN THIS JOURNEY, WE HAVE JUST A MOBILE APP FOR YOU, WITH TON OF FEATURES AND “ABSOLUTELY FREE”.ALSO, CHECKOUT OUR YOUTUBE VIDEO PRESENTATION FOR THIS APP WHICH ALSO INCLUDES GREAT TIPS ON PASSING THESE EXAMS. [/stextbox]

Next Article: Problems on Implementing goAML