Everyone who has a lawn knows that the cost of enjoying said lawn doesn’t end when you plant the grass seed. Yards require consistent watering and mowing (not to mention weeding and fertilizing). Similarly, your anti-money laundering (AML) system can’t be merely implemented and then left to its own devices. These systems also require constant care in the form of validation and optimization. As I’ve traveled the country to assist financial institutions with their AML systems, I’ve found that there is a cornucopia of errors that can be brought to light by a system validation. Here are 3 common errors and how to fix them.
1. Incomplete Reports from Core and AML Systems
The first is lacking thorough reports from both the core system and AML monitoring system. The kind of report you’re looking for has data for every transaction conducted by the institution during a given period of time and should include (at a minimum):
- Account number or a unique identifier
- Name of the customer
- Transaction code
- Transaction ID/trace number
- Amount involved in the transaction
- Date the transaction occurred
- Account type identifier (i.e., consumer or commercial).
The AML system report should include the above items as as well as:
- Alert ID
- AML rule that generated the alert
2. Incorrectly Mapped Transaction Codes
The next error is faulty transaction code mapping. Each type of transaction (e.g. check deposits, ACH transfers, checking account withdrawals) is assigned a transaction code. If an institution doesn’t have an accurate “map” of what its transactions codes are, meaning that each type of activity has its own specific code and this code matches what is put into the AML system, there will be a lot of issues with suspicious activity monitoring and reporting. For example, if a wire transfer (which typically involves larger monetary amounts) is correctly coded by the core system but incorrectly coded by the AML system as a cash transaction (which arouses suspicion in large monetary amounts), it may generate an unnecessary alert. This kind of error is surprisingly common. Once identified, taking the appropriate steps to resolve through modification of the AML System through revised mapping is critical. Once completed, a set of new tests should be conducted to ensure that the correction is effective and that the core system’s data matches the transaction codes read by the AML system.
3. Missing Support Documentation
The third mistake missing or incomplete support documentation. For validation to go smoothly, institutions must make sure that the information in the core system can be compared to and verified to be accurate by documentation. For some transactions, like wire transfers, there is a physical form (or electronic copy of the physical form) describing who ordered the wire, the account the wire went to, the date it was to be carried out, etc. These types of records are typically easier to produce. During validation, we take those documents and compare them to the core system to make sure the core contains the accurate information associated with the transaction. Where institutions often run into trouble is for some of the more difficult transaction types, such as ACH transactions and, surprisingly, currency transactions. Institutions frequently have a hard time finding full supporting records. Even though there may not be a tangible form or document involved, there is typically something (such as an online form, an electronic record, a ledger ticket or equivalent) that contains instructions for issuing the order or verifying that currency was involved. Effective validation relies on good record retention (and retrievability) of support documentation, including that of electronic records. Fixing these 3 errors before validation can ensure a smooth AML validation that is likely to be far less painful than re-seeding your neglected lawn.