Event Summary - Is Regtech the Answer to Canada's Money laundering woes?

Panelists at the November 14, 2019 CRTA anti-money-laundering (AML) breakfast, sponsored by Norton Rose Fulbright, concluded that RegTech can help, but is not the full answer to AML woes. 
 
Panel members agreed artificial intelligence and machine learning help distinguish signals from noise and more quickly identify true positives and avoid false negatives, but to be effective, there must be ‘good data’ and business partners must work together both to learn from the past and develop forward-looking tools.  Rosalind Laruccia explained that “audit can be an effective sounding board when onboarding a new product or service and should not be feared or just seen as a once-a-year visitor and place to call in emergencies, but rather be engaged as an ongoing partner,”
Staff need to understand not only the data they most immediately use, but also the downstream impacts of any change across siloes so clients can be understood from a 360° perspective.  Firms with cross-border operations have greater challenges, as different countries may label and understand fields differently or handle common problems in inconsistent ways.  So testing is particularly important; in the experience of one firm, the results of data analysis identified hundreds of clients with a Jan. 1, 1800 birthdate – a case of incorrect data or no date available being handled in this manner?  The KYC process must include entry, storage, testing/checking and retrieval so downstream users can verify data for logic, data can be correlated, and both structured and unstructured data can be managed.

---

​AML Panel from L to R: Donna Bales (Co-Founder, Canadian RegTech Association), Navjit Singh (Senior Consultant, AML Analytics and Reporting, CIBC), Vishal Gossain (VP – Global Risk Management, Scotiabank), Daniel Leslie (Attorney, Norton Rose Fulbright), Rosalind Laruccia (AVP – Internal Audit, Laurentian Bank of Canada), Eric Brock (COO – PNC Bank (Canada))

A panelist identified several data pitfalls:

1. Decisioning:  Are firms using the same scenarios as previously? Do scenarios still make sense?  Can a firm go from traditional approaches to something more agile?
2. Managing the hen house:  Is Audit relying just on scenarios or devising other ways to monitor and test?
3. Interim periods:  When a data or model problem is identified, what does a firm do about what was missed/mishandled until the fix can be implemented?
4. Documenting:  Are risks and what has been done to mitigate them recorded, with rationales?

 
Several panelists believed that even greater benefits would derive from looking for patterns in data across firms, as the large banks are seeking to do with money-transfer data at Interac – a hub-and-spoke approach that would make it faster to detect, and easier to address, fraud.
 
Daniel Leslie from Norton Rose Fulbright cautioned care: “Process flow and RegTech are only answers if they address the right things.  Whatever systems, processes and standards are adopted require legal validation, and an understanding of the intent of the law – the need to focus on policy interpretation as the basis for RegTech remains underappreciated.  Firms need to assess data and how data elements fit into processes / a framework to ensure data accuracy, moving from KYC to KYD – know your data – as well as how it is being integrated.”  While the industry sees just benefits from merging data from many sources, regulators also look at the data through the lens of privacy, consumer protection and cybersecurity.  Another speaker agreed that there should be no data a firm cannot prove is needed, used, and used only for the stated purpose.
 
A panelist pointed to other benefits from meeting compliance requirements using RegTech correctly, including better sales and customer retention.  Some decisions, however, are beyond RegTech. For example, recent cannabis legalization in Uruguay cut Uruguayan banks out of U.S. markets because of counterparties’ concerns under U.S. law – not a RegTech issue in itself, but one requiring a focus on onboarding processes where RegTech can help.  But while RegTech solutions in the U.S. have quadrupled, most are one-size-fits-all and many will require tweaking that few firms yet have the time and skillset to manage well. 
 
​On a positive note, RegTech, as a tool that fits into a well-defined broader framework, with good data, processes and people, should reduce litigation.
 
In final comments, panelists concurred RegTech is good but not a panacea without the right people and processes.  Good players in the industry have a common interest in getting rid of bad actors while building business by managing assets well, according to good rules of ethics.
 
Case studies presented by Prodago (www.prodago.com) and Jennifer Arnold from Minerva AI – jea.arnold@gmail.com
 
Written by Barb Amsden: Strategic Advisor, CRTA
​