Research for planning the investigations involves several steps that help ensure the research is conducted in an organized and effective manner. The ML/TF case investigation process requires performing prior general and specific research to develop a risk-based investigation approach, because the research may highlight or identify significant ML/TF risks which need to be considered during the investigation process. The research process involves the review of historical financial transactions, customers’ risk profiles, jurisdiction, product and channel risks involved, and other related information.
Research for planning investigations involves gathering information to help guide the investigation process. It involves identifying the goals and objectives of the investigation, determining the scope and limitations of the investigation, identifying potential sources of evidence, and developing a plan for collecting, analyzing, and interpreting that evidence. Overall, research for planning investigations is a critical step in the investigation process, as it helps to ensure that the investigation is focused, thorough, and effective in achieving its goals.
Research helps in the identification of possible root causes of the ML/TF suspicious transactions occurred or alerts generated. The research aims to analyze various possible risk conditions that led to compliance and control breaches. Research also involves checking the prior reported ML/TF risk incidents and the causes of those reported incidents. The research process needs to be based on the institution-specific significant ML/TF risks and should be linked or correlated with the customer’s transactions that need to be investigated.
Research for Planning the Investigations
The research process should also be a forward-looking activity to assess the possibilities of the reoccurrence of financial crime risks or emerging ML/TF risks. To assess the reoccurrence of ML/TF risks or incidents, the investigators analyze the historical as well as current financial crime data or trends, to establish the inter-connections between them. This connection assessment helps in the prediction of possible future fraud incidents.
Banks focus extensively on the narrative part of the SAR, and in some cases, the managers and investigators usually are from the background of the regulatory job and have experience with ML and financial investigations, and possess knowledge about the relevant regulatory requirements.
As part of investigation research, the transaction alerts that are generated by the AML system are generally assessed to check the current risk profile of the relevant customer and checking the history of that customer’s transactions and activities. This general research may highlight inconsistencies between the customer’s actual risk profile and the transactions being performed by that customer.
In case the detail of the risk profile is not matched with the transaction, the information to be obtained from the customer about the nature and purpose of the transaction is then planned. If the customer provides appropriate feedback that matches the transaction, then the AML team marks the alert as close. In case the customer does not provide a satisfactory response or hides the information then the transaction is considered suspicious.
Business groups may discuss with compliance team members the specific cases or new ML/TF risk trends discovered by them. This allows for cross-training to understand the ML risks that exist within the different processes. Transaction investigators participate in monthly group meetings that provide the ability to discuss ML/TF risks and issues, which may also contribute to performing research for investigations because the discussion may highlight emerging or new risk trends, that must be checked by the AML compliance team members.
Once a transaction alert is generated by the monitoring system, six months of account activity is generally researched. Once a decision is made to initiate an investigation, the alert is entered into the bank’s case management system. At this point, the timeline for filing a suspicious activity report (SAR) starts. Different tools are used to track the relevant information for the preparation of SAR and its filing.
The information may be the transaction data, customer profile data, and related account activity and information. The system allows the monitoring analyst to check other information databases to pull all available information together into a concise form for analysis, management review, and approval. Investigators focus on determining where the money came from, what happened to it while at the bank, and where it went when it left.
After the filing of the SAR, the bank conducts a post-investigation to determine if suspicious activity continues and if a supplemental SAR is required. In case of a second SAR, the account closure process is required to be initiated. The bank uses the suggested SAR filing tool, to include investigative details before proceeding and/or submitting the SAR.
If a SAR is not filed, then the investigator reflects this as an “unfiled case.” Supporting documentation as to why the SAR is not to be filed is included in the respective customer file. An indication as to whether or not the account will continue to be monitored is also mentioned, for reference purposes.
To detect incidents of crimes such as fraud, all the processes and activities are studied to find the controls weaknesses, and possible avenues, which are exploited by the employees or other stakeholders. Financial crime detection is an ongoing process that is performed to assess the possibility of the occurrence of fraud in any particular area of the department.
For investigation purposes, the investigation team may use a database built to record the details of ML/TF risks and incidents, including the details of the progress of their previous investigations. Such databases must be analyzed and monitored on an ongoing basis. This helps management in understanding the reasons and causes of ML/TF incidents, therefore, management establishes and implements relevant processes and procedures to prevent the occurrence of similar ML/TF activities.
The compliance team may be held responsible for periodically reviewing and updating the database to ensure that it remains current and relevant for future ML/TF risk identification and management. The database may be based on different parameters to highlight the criticality of the ML/TF risks and incidents.
Final Thoughts
Investigation research, particularly in the context of money laundering and terrorism financing (ML/TF), is a critical endeavor necessitating meticulous planning and rigorous analysis. This process involves a comprehensive review of historical financial transactions, customers’ risk profiles, jurisdictional issues, and various other related details. It is crucial for understanding root causes and detecting suspicious transactions, thereby leading to more effective compliance and control measures. The research not only aids in diagnosing past incidents but also serves as a forward-looking tool to predict potential ML/TF risks.
This ongoing process calls for collaboration across departments, incorporating expert knowledge from regulatory backgrounds, and relying on advanced technological tools, databases, and alert systems. The filed and unfilled cases, their associated customer responses, and the progress of ongoing investigations form an essential part of this database, helping institutions stay ahead in the fight against financial crimes. In essence, meticulous research is the backbone of efficient, predictive, and proactive investigation planning, enhancing overall ML/TF risk identification and management.