This week RBS found the spotlight in an unenviable way when it was fined GBP 5.6M by the Financial Services Authority (FSA) for insufficient controls over payments screening processes. According to news articles, the list of transgressions include a breakdown of manual procedures and also inadequate technology functionality. Regulators in the UK and USA are notoriously strict when it comes to enforcing transaction screening for blocked parties due to the potential risk of terror financing and other illicit purposes. Lloyds TSB and ABN AMRO have also fallen foul of this in recent years.
The lot of an ops manager responsible for the screening function is not easy. Payments must be scanned against multiple watch lists issued by government bodies, beneficiary details in the payment may be mis-spelled, alternative spellings in foreign languages cause challenges too. As the list of blocked parties grows, and the tactics used by nefarious characters around the world results in an increasing number of false positives. I don't envy anyone with the responsibilty for the timely update of watch list databases, and development of compliant processes and procedures.
Pressures on Risk Management
But it isn't just high value international payments from less regulated countries that require scrutiny. Payments made over domestic 'low value' systems are increasing in value, and there is a general trend toward reducing the latency in payments execution across the board. More batch systems are giving way to realtime processing. In turn, this places extra pressure on risk management and compliance controls to intercept suspect transactions, and for ops managers to apply timely decision making at the review process.
Up In The Clouds
A knock-on aspect of this is an onus on government regulators to disseminate and publish the data changes as expediently as possible to eliminate lag in the system. I believe that cloud computing is a natural environment to help mitigate some of these risks. Microsoft's cloud platform is called Azure and enables new paradigms for hosting, managing and parsing data in a highly scalable environment.The ability to store and manage reference data such as watchlists, and make that data universally accessible to compliance vendors and banks around the world could significantly reduce latency and errors in data management.