Need For An Effective Anti-Money Laundering (AML) Change Management Programmes

Compliance with financial crime legislation is one of the most difficult challenges facing chief operating officers of financial institutions today. Over the years, regulators across the world have released guidelines to cater to the constantly evolving nature of the financial crime. Moreover, banks with an international presence have to manage regulatory changes emanating from financial regulators across geographies, wherein rules may differ with jurisdictions. This requires banks to monitor on an on-going basis, the collective impact of changes driven by regulators across their jurisdictions, and ensure that they are in compliance with these requirements/regulations. According to Deloitte’s Anti-Money Laundering Preparedness Survey Report, 2020, about 81 per cent of the bank respondents stated that their AML programmes were compliant with regulatory requirements. However, the survey also indicates that increased regulatory expectations and enforcement of current regulations will continue to be challenging in the near future for most banks. The criticality of effectively managing regulatory changes arising out of multiple jurisdictions is reaffirmed by 51 per cent of the bank respondents citing this as another key AML compliance challenge. Over the years, banks have made significant investments in automating processes and implementing new systems to respond to increasing business volumes and regulatory scrutiny. However, the survey indicates that manual processes, increasing volumes, and data quality remain key operational challenges for most banks. This may be attributed to a siloed approach, lack of strategic direction and pattern of ad-hoc investments which has led to poor data quality and system integration.  

Traditionally, banks have adopted a response-driven approach to AML compliance. With increased regulatory expectations, it is expected that banks focus on a pro-active AML compliance programme, where efforts are focused on identifying red flags and mitigating potential money-laundering issues. This change in regulatory expectations can pose a challenge to most banks, as indicated by the majority of respondents to the survey.  

In our view, a robust change management programme can make adapting to these new guidelines less challenging and help direct investments strategically. 

In our view, making significant enhancements within the AML framework and/or systems without adequate regard to factors, such as regulatory obligations, applicability, business context, availability of input data, data quality, existing IT system configurations, and integration can often lead to undesirable results. Changes/enhancements made in one area can have the potential to materially impact other areas of the AML framework.  

A bank-wide AML change management programme should provide details of the regulatory expectations/guidelines, impacted areas, and the changes required in the AML framework including policies, processes, and systems. For an AML change management to be effective, detailed assessment exercises must be carried out during the initial phases of implementation to determine all framework/system components that will be impacted. 

An effective bank-wide AML change management programme should, at the minimum, include the following:

1. Mapping regulatory requirements – creating an exhaustive catalogue of regulatory requirements, emanating from all applicable geographies; and identifying areas within operations, products, and services that will be impacted by the regulatory requirements.
2. Framework for change management – monitoring regulatory changes; identifying impacted areas; defining roles and responsibilities within impacted areas, and delivery of relevant information to the teams impacted by regulatory changes.
3. Roles and responsibilities – identifying impacted areas in the bank, identifying responsible staff within impacted areas; and assigning responsibilities to ensure compliance.
4. AML change management tool – implementing an integrated tool to receive alerts on regulatory changes; routing the changes/queries to relevant areas and subject matter experts; tracking the progress of ongoing compliance activities; monitoring the impact of on-going activities on other compliance areas, and monitoring its compliance till closure. 

Impact and/or changes to AML framework components typically tend to fall under one of the following categories—policies, processes, people, and technology. AML change management monitors ongoing changes in the overall AML framework for the entire duration of the implementation to ensure that all framework changes are well-coordinated and synchronised. It also needs to identify where the output in one component of the framework will drive changes in other components within the framework. 

During the course of the implementation, an AML change management programme should continuously monitor if the ongoing activities align with the ultimate objectives of the implementation, i.e., compliance with regulatory guidelines. Any deviations or lack of alignment with the overall objectives of the implementation need to be detected and reported by the programme so that corrective measures if required, can be deployed expeditiously.

The senior management of a bank is responsible for ensuring effective AML policies, procedures, systems, and controls are in place to manage risks in its business. Therefore, it is critical for senior management to have adequate governance over the change management programme. Given the AML change management’s holistic understanding of ongoing changes, it has the capability to collate relevant and pertinent data/information and present it to senior management for informed decision making. This can make change management an enabler for effective governance and oversight.  

AML framework/system changes often demand significant financial investments. Implementing a well-funded and well-staffed AML change management programme is vital for protecting those investments and effectively meeting regulatory obligations. An effective AML change management programme can provide comfort to the chief financial officers that their investments in AML change will bear desired results.