The USA Patriot, enacted in October of last year, has set forth comprehensive anti-money laundering requirements that financial-services institutions including banks, securities firms and broker/dealers are now moving to meet with new technology investments. Recent research by TowerGroup estimates that total spending for the financial services industry could reach almost $120 million by the end of 2002, with the increasing demand expected to continue into 2003.
"The goal of the regulations is really to make sure that everyone under the sun is regulated, so extending the requirements beyond banks and across the financial services industry," says Breffni McGuire, senior analyst in the Global Payments Group at TowerGroup. While the Bank Secrecy Act of 1970 has regulated the banking industry for some time now, the Patriot Act essentially extends those requirements out to other financial institutions and introduces new anti-terrorist financing provisions.
Breffni points out that some of the regulations being extended to the securities and investments markets include oversight of foreign account activity when accounts are opened on behalf of foreign individuals, entities or businesses. Suspicious activity reporting is also an area that some securities and investment firms have been under taking, but is a requirement under the Patriot Act. "Having anti-money laundering programs in place is a big issue for securities firms," says Breffni. "They weren't specifically subject to this before, so one of the guidelines in the Act is to look at what an anti-money laundering program should put in place."
The new regulations increase requirements in terms of account opening, ownership and usage patterns, making manual compliance more difficult and in turn driving the need for technologies to meet the regulatory provisions. Anti-money laundering technologies can be broken into three categories, says Breffni. The first is record keeping and reporting technologies, which serve to track and report information to regulators and other authorities. Some of this information includes reporting on currency transactions or suspicious activities. While this requirement will be extended to all financial services firms, Breffni adds that about 17 percent of broker/dealers have already been voluntarily filling suspicious activity reports for some time, and about 40 percent of mutual funds have also been doing similar reporting.
The second category is rules-based systems, which range from simple technology for limit checking to more complex multi-tiered rules-based systems for compliance. According to TowerGroup, these rules-based systems monitor transactions in order to identify and filter out potentially suspicious transactions that fall outside of normal customer transaction activity. These activities are flagged and routed for review to staff responsible for anti-money laundering compliance, audit or risk management.
The third category is intelligent-systems technologies such as link analysis, risk scoring, neural networks and complex algorithms. These technologies look at transactions in context, rather than just individual transactions themselves to identify associative patterns. These could include patterns among accounts, customers and relative to peer or other groupings. "The securities and investment side haven't been subject to this type of regulations the way banks were, so it's going to be new for a lot of firms and they now have to get all of this up and running," says Breffni.