FinCEN’s upcoming Final Customer Due Diligence (CDD) Rule is putting increased regulatory emphasis on how BSA/AML departments are conducting ongoing customer due diligence.
FinCEN has explicitly stated that AML programs, at a minimum, are required to implement:
- appropriate risk-based procedures for ongoing CDD monitoring to understand the nature and purpose of customer relationships, and
- conduct ongoing monitoring to identify and report suspicious transactions, and, on a risk basis, to maintain and update customer information.
With expanding expectations and minimal resources, the question on the minds of many BSA/AML compliance professionals is, “How can we manage this?”
What is intelligent segmentation?
Not all high-risk customers pose the same level of risk to an institution. Therefore, applying the same level of ongoing due diligence to all high-risk customers is incredibly inefficient.
That is what makes intelligent segmentation so valuable. But what is it?
Intelligent segmentation is the application of intelligence-based analytics, utilizing a wide-range of data sources, to:
- identify high-risk customers within an institution’s customer base;
- segment them into their applicable high-risk categories, as defined by the BSA AML Exam Manual (examples include Money Service Businesses (MSBs), Non-Governmental Organizations (NGOs), etc.);
- stratify them within their high-risk category by determining the level of risk they pose to the institution; and
- apply targeted analytical AML models, specifically designed for each high-risk group, and machine learning to monitor these customers on an ongoing basis for suspicious behavior.
Uncovering and Stratifying ATM Owners
Here is an example that illustrates the power of Verafin’s intelligent segmentation.
United Bank has recently on-boarded a small, local pool hall. Based on the information provided by Gavin, the owner, at account opening, the business is not considered high-risk.
Two-and-a-half months into the relationship, the bank’s BSA/AML compliance department receives a Verafin CDD/EDD alert indicating that the account is performing settlement transactions, which may indicate the presence of a private ATM on the pool hall’s premises.
An investigative case is opened in Verafin and Gavin is contacted. Gavin confirms that he recently installed a private ATM within his building. He tells them he is not replenishing with cash from the pool hall’s cash register.
Susan, the investigator at the bank, indicates Gavin is a private ATM owner on his account profile in Verafin. While this places him in a high-risk category, since he is not replenishing the ATM from his cash register, his risk is minimized in comparison to other ATM owners at United Bank.
Considering Gavin’s risk factors, Verafin automatically risk rates the account as a medium-risk ATM Owner, which, in accordance with the bank’s policy, requires a review within the next six months.
Gavin’s pool hall is now segmented, through intelligent activity analysis, into an appropriate high-risk category. Applicable ATM owner risk factors helped Susan stratify the account within that category so that she is performing the appropriate risk-based level of ongoing due diligence.
Unfortunately, a month later Gavin starts a questionable relationship with a motorcycle gang that is now bringing him large quantities of dirty money, which he is mixing with the cash he is using to fill the ATM.
Because Verafin is now applying a targeted ATM Owner model to the ongoing analysis of Gavin’s activity, Susan receives another alert on Gavin’s account, indicating he is receiving ATM settlements but is not withdrawing enough cash to balance them. When she reaches out to Gavin to question the activity, he tells her he is using cash on-hand.
Susan is now aware Gavin is replenishing cash from his register, an important additional risk factor. Verafin automatically adjusts his risk level, as he is now a high-risk ATM Owner. United Bank will now review the account every three months, as per their procedures. Additionally, Verafin’s targeted analytical model adjusts to the newfound information and considers the additional risk factors when monitoring the account.
A better risk-based CDD process
Intelligent segmentation gives institutions the means to make ongoing due diligence both effective and manageable — a goal for any BSA/AML compliance department.
In addition, through the application of intelligent targeted analytics, compliance professionals gain the ability to better isolate and report on suspicious activity.
Over the coming months, you will see numerous Verafin blog posts that dig into specific high-risk categories and offer insight into how segmentation and stratification helps you better manage the demands of performing ongoing due diligence on high-risk customers.
New Webinar Series on High-Risk Customer Management Begins April 24
As noted above, every financial institution is under regulatory pressure to identify, monitor and manage high-risk customer types, such as Privately-Owned ATMs, MSBs, MRBs and NGOs and more, as outlined in the FFIEC BSA Exam Manual.
Join us for our upcoming webinar series, where we will explore the challenges of identifying, monitoring and reviewing high-risk customers and discuss the risk factors of each group. You’ll learn how Verafin’s end-to-end approach to Intelligent Segmentation eliminates manual processes, reduces costs and strengthens compliance with identification, risk scoring and targeted monitoring tailored specifically for each high-risk customer category.
Can’t attend one of the webinars? We’d be happy to arrange a custom presentation for you and your team.