On Thursday, April 8, 2021, The ACAMS New York Chapter hosted a virtual event titled How Banks Can Use Behavioral Analytics to Detect Suspicious Activity, which was sponsored by Kaufman Rossin & Co.
The event was moderated by Drew Bach (VP - BSA Manager, The First National Bank of Long Island and ACAMS New York Chapter Board Member) and included the following panelists: Pawneet Abramowski (Chief Compliance Officer, Community Federal Savings Bank); Nishi Gupta (Head Of Compliance, Eco); B.J. Moravek (Director, Kaufman Rossin & Co., P.A.); Nirvana Patel (Head of Core & Financial Crime Compliance, Prime Trust); and Peter Piatetsky (Co-Founder and CEO, Castellum.AI).
Supporting event materials can be found here.
The discussion began with an explanation that behavioral analytics is simply defining a behavior and using data to look for that behavior. The topic shouldn’t be intimidating – it can be used on a small and simple scale or as the bedrock of a program. The panelists then spoke about the importance of understanding the available data, which includes the patterns of data that can be used for analytical purposes and the relevant data governance processes. Additionally, it’s helpful to conduct a risk coverage assessment to ensure that the appropriate data (including third party data) is being leveraged (e.g., it was noted that certain FIs are still screening the names of the 911 hijackers). All of these actions can help financial institutions to reduce unproductive alerts.
The panel then discussed the use of the data for behavioral analytics purposes. Behavior analytics is becoming increasingly important as compliance processes are becoming more automated and analytical. Financial institutions are therefore now reviewing how to take legacy systems to the next level. In terms of actually implementing these tools, it can be valuable to start small and be specific. It’s important to find an area of focus and to break down the components of what should be looked for within the data. The various models of division of labor and ownership within an institution were also discussed, which include: technology as a service provider to compliance; technology and compliance sharing the development lifecycle; and compliance building its own technical stack. While tools as common as Excel can be used for behavioral analytics, if a financial institution chooses to leverage software for behavioral analytics, it’s critical to make sure that tools are compatible with an institution’s core banking systems.
Key Takeaways include:
You don’t have to be a coder to use behavioral analytics – you need to understand your data, your risks, and specific activity that you want to identify.
Compliance officers should leverage resources from other internal groups (e.g., marketing and sales teams) that leverage similar analytical processes.
Effective financial crime programs have to figure out the right marriage between qualitative and quantitative, and while good data and technology is needed today and will become even more essential over time, the best programs are able to continuously incorporate a view and understanding of the real world risk and behaviors that they are trying to identify and mitigate.
The Compliance professional’s role has advanced into a role that is increasingly tech savvy coupled with regulatory risk expertise. Compliance has access to an increasing amount of data, which can be used much more proactively now rather than being reactive. Anti-crime professionals require a diverse set of expertise in its members and not just the same old skillset.
The compliance team should document its requirements, and the systems team should document how those requirements were satisfied because many misunderstandings can be resolved by writing things down. Honor the time-tested practices of change management, and they will help set you up for success.
Ensure you know your data quality as this is the first step to remain in compliance, cutting costs and alerts, and enabling your business. High quality data means that you can set a higher search threshold, have stricter alert categories, and simplified review because decisions should be clearer.
Start small and with what you know. Do you have a rule that has been effective at identifying suspicious activity? Focus on enhancing that rule with new features. Another option is to instead focus on good behavior, which can be easier to define and develop. Lastly, remember to leverage resources outside of compliance that are likely already using behavioral analytics, such as marketing and sales.