Blog

Improving your risk-based CDD with intelligent categorization

How segmentation improves both the effectiveness and efficiency of your customer due diligence procedures for higher-risk categories

April 17, 2018 by Verafin

2018 updates to Customer Due Diligence requirements have increased regulatory emphasis on how BSA/AML departments must conduct ongoing customer due diligence.

The FFIEC BSA/AML Examination Manual states that AML programs, at a minimum, are required to implement:

  • appropriate risk-based procedures for ongoing CDD monitoring to understand the nature and purpose of customer relationships, and
  • conduct ongoing monitoring to identify and report suspicious transactions, and, on a risk basis, to maintain and update customer information.

With expanding expectations and minimal resources, the question on the minds of many BSA/AML compliance professionals is, “How can we manage this?”

What is intelligent categorization?

Not all high-risk customers pose the same level of risk to an institution. Therefore, applying the same level of ongoing due diligence to all high-risk customers is incredibly inefficient.

That is what makes intelligent categorization so valuable. But what is it?

Intelligent categorization is the application of intelligence-based analytics, utilizing a wide-range of data sources, allowing for more tailored and effective management throughout the customer relationship, including:

  • Identification of high-risk customers and relative risk factors, and categorizing customers into their applicable high-risk groups.
  • Risk Stratification to address how risk differs within each high-risk category, and that automatically risk scores each customer relative to others in the same group.
  • EDD Review Workflows that automate tasks and reminders, and integrate into ongoing AML monitoring and surveillance processes.
  • Surveillance that applies targeted analytics to specific groups, and monitors them for risk factors and unusual activity.

Uncovering and Stratifying ATM Owners

Here is an example that illustrates the power of Verafin’s intelligent categorization.
ABC Bank has recently onboarded a small, local pool hall. Based on the information provided by Gavin, the owner, at account opening, the business is not considered high risk.

Two-and-a-half months into the relationship, the bank’s BSA/AML compliance department receives a Verafin CDD/EDD alert indicating that the account is performing settlement transactions, which may indicate the presence of a private ATM on the pool hall’s premises.

An investigative case is opened in Verafin and Gavin is contacted. Gavin confirms that he recently installed a private ATM within his building. He tells them he is not replenishing with cash from the pool hall’s cash register.

Susan, the investigator at the bank, indicates Gavin is a private ATM owner on his account profile in Verafin. While this places him in a high-risk category, since he is not replenishing the ATM from his cash register, his risk is minimized in comparison to other ATM owners at ABC Bank.

Considering Gavin’s risk factors, Verafin automatically risk rates the account as a medium-risk ATM Owner, which, in accordance with the bank’s policy, requires a review within the next six months.
Gavin’s pool hall is now categorized, through intelligent activity analysis, into an appropriate high-risk category. Applicable ATM owner risk factors helped Susan stratify the account within that category so that she is performing the appropriate risk-based level of ongoing due diligence.

Unfortunately, a month later, Gavin starts a questionable relationship with a motorcycle gang that is now bringing him large quantities of dirty money, which he is mixing with the cash he is using to fill the ATM

Because Verafin is now applying a targeted ATM Owner model to the ongoing surveillance of Gavin’s activity, Susan receives another alert on Gavin’s account, indicating he is receiving ATM settlements but is not withdrawing enough cash to balance them. When she reaches out to Gavin to question the activity, he tells her he is using cash-on-hand.

Susan is now aware Gavin is replenishing cash from his register, an important additional risk factor. Verafin automatically adjusts his risk level, as he is now a high-risk ATM Owner. ABC Bank will now review the account every three months, as per their procedures. Additionally, Verafin’s targeted surveillance models adjust to the newfound information and considers the additional risk factors when monitoring the account.

A better risk-based CDD process

Intelligent categorization gives institutions the means to make ongoing due diligence both effective and manageable — a goal for any BSA/AML compliance department.

In addition, through the application of intelligent targeted analytics, compliance professionals gain the ability to better isolate and report on suspicious activity.

Webinar Series on High-Risk Customer Management

As noted above, every financial institution is under regulatory pressure to identify, monitor and manage high-risk customer types, such as Privately-Owned ATMs, MSBs, MRBs, NGOs and more, as outlined in the FFIEC BSA Exam Manual.

In this webinar series, we explore the challenges of identifying, monitoring and reviewing high-risk customers and discuss the risk factors of each group. You’ll learn how Verafin’s end-to-end approach to Intelligent Categorization eliminates manual processes, reduces costs, and strengthens compliance with identification, risk scoring, and targeted monitoring tailored specifically for each high-risk customer category.

We would also be happy to arrange a custom presentation for you and your team.

Verafin’s industry-leading, cross-institutional Fraud Detection and Anti-Money Laundering (FRAMLx) collaboration software is utilized by 1700 financial institutions across North America. With powerful cloud-based technology, FRAMLx facilitates 314(b) information sharing, and offers innovative artificial intelligence and machine learning capabilities to proactively prevent cross-channel fraud, uncover a wide range of suspicious activity, and enhance BSA/AML procedures through end-to-end, risk-based CDD/EDD functionality.