1 Copyright 2011, Oracle and/or its affiliates. All rights
Challenges in Implementing the Financial Action Task Force (FATF) recommendations on Risk Based Approach by R. Suresha CAMS 2 Copyright 2011, Oracle and/or its affiliates. All rights
Agenda Challenges faced in the Compliance space Oracle Financial Crime and Compliance Management (FCCM) Solution Risk Derivations Risk Rating and EDD Implementation approach Questions 3 Copyright 2011, Oracle and/or its affiliates. All rights
4 Copyright 2011, Oracle and/or its affiliates. All rights Challenges faced in the Compliance space
FATF Financial Action Task Force Recommendations Recommendations encompass financial institutions and governmental agencies Recommendations for financial institutions cover: Customer Due Diligence Proper identification of customer Identifying the beneficial owner Understanding the purpose and nature of business relationship Conducting ongoing due diligence Suspicious transaction reporting Measures to be taken with respect to countries that do not or insufficiently comply with recommendations Regulation & Supervision Recommends also encompass: Risk based monitoring Monitor all activities of customer Policy & Systems 5 Copyright 2011, Oracle and/or its affiliates. All rights
Financial Crime and Compliance Challenges Current Situation Weakness in Current Compliance Management Manual process to manage onboarding of new and changing regulations and internal policies pertaining to financial crime management Increasing Scrutiny from Regulators Regulatory pressures are increasing and more integration of financial crime systems and tie-backs into the compliance plans is expected Disparate Systems Multiple vendor and internal applications to cover AML, fraud, watch list filtering, trading compliance, and broker compliance with little to no integration without significant IT effort and cost Inability to Accurately Measure Compliance Status Lacking single, unified view of financial crime and compliance activity for up to the minute understanding of risks and exposures 6 Copyright 2011, Oracle and/or its affiliates. All rights
Financial Crime and Compliance Challenges To meet these challenges, I need to.. Create a More Effective Financial Crime and Compliance Approach Leverage core capabilities for financial crime surveillance, detection and event correlation along with watchlist management, investigation management, enterprise analytics and regulatory reporting in a single platform Streamline Management of Regulations and Policies Readily onboard new and changing regulations and internal polices Establish and manage enterprise-wide compliance libraries Consistently identify risk, perform self-assessments and establish related controls Consolidate and Correlate for Enterprise-Wide Context Drive operational efficiencies Automatically correlate alerts and events to make connections across systems Investigate financial crime with a single, enterprise-wide case management system Provide more accurate regulatory, management and ad-hoc reporting with data from all systems Assess Regulatory Compliance Effectiveness On Demand Measure results of investigations against established controls, risks, and self-assessments Obtain a 360 o view of compliance and group activity through ad-hoc reports and dashboards Fine-tune controls to ensure risk exposures are consistent with the institution s risk appetite 7 Copyright 2011, Oracle and/or its affiliates. All rights
8 Copyright 2011, Oracle and/or its affiliates. All rights Oracle Financial Crime and Compliance Management (FCCM)
OFSAA - Unified Platform for FCCM Performance Management and Finance Credit Risk Retail Credit Risk Corporate Credit Risk Treasury Risk Profitability Activity-Based Costing Loan Loss Forecasting Hedge Management IFRS 9 IAS 32/39 Funds Transfer Pricing Budgeting and Forecasting Performance Management Consolidation Reconciliation Accounting Hub Pricing Management Customer Profitability Analytical CRM Portfolio Analytics Marketing Analytics Service Analytics Comprehensive coverage, derived from deep core banking domain expertise, provides best of breed capabilities in key disciplines. Market Risk RAPM Asset Liability Management Balance Sheet Planning Liquidity Risk Regulatory Capital Basel II Retail Portfolio Risk Models and Pooling Risk Management Customer Insight Channel Insight Channel Usage Channel Performance Unified platform supports analytical intersections to address emerging or overlapping analytical needs without extensive re-wiring and rebuilding of supporting data infrastructure. Economic Capital Stress Testing Know Your Customer Economic Capital Advanced (Credit Risk) Operational Risk Economic Capital ICAAP Regulatory Compliance (Financial Crime) Governance & Compliance Governance and Compliance FATCA Anti-Money Laundering Broker Compliance Fraud Detection Trading Compliance Operational Risk OFSAA Oracle Financial Services Analytical Applications 9 Copyright 2011, Oracle and/or its affiliates. All rights
Comprehensive AML program AML+KYC Solution KYC EDD/ CDD Customer risk scoring Case Management AML Transaction Monitoring Transaction Monitoring Risk Based Monitoring Watch List Management Comprehensive Data Model Powerful Detection Engine Large library of Scenarios Enterprise Case Management Administrative tools 11 Copyright 2011, Oracle and/or its affiliates. All rights 11
Technical Flow Data Sourcing Aggregation And Derivation of Essential Data Scenario/ Patterns Analysis & Match generation. Gather all supporting data for effective analysis Client DW or Sources Historical Data copy To Archive Table Analysis & Reporting KYC Cases/Alert Assignment & Investigation Generate Alerts /KYC Cases EOD 12 Copyright 2011, Oracle and/or its affiliates. All rights
13 Copyright 2011, Oracle and/or its affiliates. All rights FCCM AML Risk Derivations
Risk Based Evaluation as part of Transaction Monitoring Various risk parameters are evaluated to arrive at a comprehensive rating for the customer, account and activity Risk parameters include Customer risk Account risk Entity risk Transaction risk Geography risk Watch list based risk etc Based on these risk parameter inputs, AML solution would calculate effective risk for business entities. In addition to risk, the concepts of Exempt Entities and Trusted Entities are to be considered. 14 Copyright 2011, Oracle and/or its affiliates. All rights
Entity Risk Bank can arrive at risk factors for business entities to create an Entity Effective Risk. 15 Copyright 2011, Oracle and/or its affiliates. All rights
Monitor Alerts effectively using Risk Scores Start alert from each scenario with a base score. Additional points can be added to the score based on a wide range of variables like (but not limited to): Prior matches Focal entity risk Aggregate monetary value involved in the alert Rules can use graduated scale for adding these points. For example, the score to be applied will gradually increase in relationship to an increasing transaction amount. 17 Copyright 2011, Oracle and/or its affiliates. All rights
18 Copyright 2011, Oracle and/or its affiliates. All rights FCCM KYC Risk Rating and EDD
Continuous Risk Assessment way to go KYC Collects customer information Verifies customer identity Assesses risk Public and Private Watch List Scanning Facilitates a review & approval process at account opening Assess the risk of customers throughout the lifecycle of their relationship with the firm AML Monitor transactions & behavior Generate profiles, using risk-appropriate thresholds Analyze and investigate Alerts using robust graphical tools Powerful dash boarding and reporting capabilities Produce SARs KYC Investigation Continuous Comprehensive Monitoring Transaction Monitoring & Behavior Detection Risk Assessment 19 Copyright 2011, Oracle and/or its affiliates. All rights
KYC Risk Rating Model CIP Risk score can be 0 if the documents are provided. For the Customer being reviewed: Customer CIP Risk Customer Core Risk ACR Parameters ( Dynamic scoring will be done) Account Geography Risk 5 Product Risk 20 Anticipated activity risk - 15 Geography Risk for Primary foreign wire source for FT- 5 Source of initial Funds 10 Stated purpose 5 Method of initial funding 10 Method of Account opening (online, Agent, in person) 10 Customer Core Risk - 20 For all Accounts that the Customer has a controlling role on: Account 1 Core Risk * Account 2 Core Risk * Account N Core Risk * Parameters ( Dynamic scoring will be done) Watch List Matches - 20 Geography 10 Citizenship 10 Country of taxation -10 Source of wealth 10 Occupation 10 Length of Relationship 15 CIP Risk 15 Customer Aggregate Account Risk Customer Effective Risk & Customer Effective Risk Category *As part of input to the Account Core Risk Calculations, the risk model also includes Customer Core Risk value for all customers with a controlling role on the account. CAAR (AVERAGE will be taken) Rating of the aggregate risk posed by all accounts on which a customer has a controlling role will be considered Overall rating for a Customer is arrived here CAAR risk - 65 CCR risk - 35 This final score goes as input to Transaction monitoring system 20 Copyright 2011, Oracle and/or its affiliates. All rights
Risk parameters Components Components IDV Watchlist Negative News Search CIP Country of Residence Primary Citizenship Secondary Citizenship Country of Taxation Source of Wealth Occupation Length of Relationship Country of Headquarter Country of Operation Industry Corporation Age Legal Structure Public Company Products Offered Markets Served CCR Products Geography Stated Purpose of Account Source of Initial Fund Method of Initial Fund Method of Account Opening Geography Risk of Anticipated Primary Foreign Wire Source Anticipated Activity Activity Exceeding Stated Anticipated Activity High-Risk Geography Transaction Count Activity Risk 21 Copyright 2011, Oracle and/or its affiliates. All rights
Requirements for Enhanced Due Diligence Customer Due Diligence Account Opening On-going monitoring Politically Exposed Persons KYC policy Requirements Comprehensive CDD for Private Banking Customers Additional KYC requirements AML/KYC Account On-Boarding Customer Identification Programs (CIP) Identity Verification (IDV) Customer Due Diligence (CDD) Enhanced Due Diligence (EDD) Continuous Risk Assessment Offshore Identity of known ultimate beneficial owners Residential address of individuals connected with corporate customers 22 Copyright 2011, Oracle and/or its affiliates. All rights
Risk Based Approach - Summary Comprehensive AML and KYC Risk approach should encompass Transaction monitoring by associating risk parameters linked to customers, Accounts and Transactions Risk based approach for Alert Management Risk rate customers to ensure EDD is complete and also use the results in Transaction monitoring 23 Copyright 2011, Oracle and/or its affiliates. All rights
24 Copyright 2011, Oracle and/or its affiliates. All rights Implementation Approach
Standard Project implementation Methodology 1 2 3 Move into production environment `! TIMELINE Bank identifies & extracts data required by AML solution as per AML solution DIS 1 2 3 Complete data assessment Complete Scenario Tuning and engagement testing Complete training and UAT! Go Live Activities 26 Copyright 2011, Oracle and/or its affiliates. All rights
Questions 27 Copyright 2011, Oracle and/or its affiliates. All rights
28 Copyright 2011, Oracle and/or its affiliates. All rights