Financial crime is increasing in frequency and sophistication, damaging financial services firms' bottom lines and reputations. Keeping up with the criminals is taking more of firms' and regulators' time, money and energy as they scramble to detect and deal with crimes ranging from identity theft to insider trading and mortgage fraud.
In the UK, online banking fraud has more than doubled since 2007 and globally large-scale financial crimes continue to make the front pages. UBS is facing accusations of money laundering on behalf of the Islamic Republic of Iran. While in Milan, Depfa Bank, Deutsche Bank, JP Morgan and UBS are answering fraud charges related to the sale of derivatives. In the UK, the Financial Services Authority is in the midst of what is thought to be the biggest-ever insider trading case involving Deutsche Bank and the hedge fund Moore Capital, among others.
It's not just the headline-grabbing frauds that are keeping financial services executives and regulators awake at night. The more mundane kinds of financial crime have served to focus firms' attention on financial crime risk management. A new class of tech-savvy criminal is finding fresh ways and means of committing fraud. As more consumers turn to the Internet for banking and other transactions, the instances of fraud, especially those related to identity theft, have soared. Financial institutions must be on their guard to at least maintain the status quo, let alone deal with the new crimes taking place.
Chartis predicts the global recession will increase the frequency of internal fraud, security breaches and false accounting. Firms are particularly vexed by insider fraud, because of the subsequent damage to reputation. Accordingly, they are devoting more resources to fighting this kind of fraud.
On the back of the increase in the occurrence and complexity of financial crime, Chartis forecasts the global market for financial crime risk management technology will grow to $4.19 billion by 2013, at a compound annual growth rate of 15%.
Fraud and money laundering are still the most common crimes within financial services. The proliferation of all types of financial crime, however, is keeping financial crime risk management and associated compliance requirements atop senior executives' agendas. Already many firms have adopted a risk-based approach to managing fraud and money laundering. This approach requires establishing firm-wide policies, procedures and systems that identify, alert, assess and monitor the risk of financial crime.
Surprisingly, many financial institutions still do not formally measure crime-related losses. That is starting to change. The large cost of losses stemming from financial crime has motivated firms to improve their financial crime risk management systems. Those that are quantifying the losses from fraud have been able to formulate meaningful cost-benefit cases to add to their proposals to improve their overall risk management processes and systems for financial crime and fraud.
Despite the critical nature of financial crime risk management, the norm at most financial institutions is to approach the task on a so-called siloed basis. Firms tend to use separate anti-fraud and anti-money-laundering systems for each business unit, which requires multiple databases. This multiplication of efforts creates extra expense, inefficiencies and data quality issues. Perhaps most crucially, the siloed approach inhibits a firm's ability to create internal links between business units and generate the intelligence required to combat criminals.
Chartis recommends that enterprise-wide financial crime risk management processes and technology should be based on the establishment of a single, integrated platform, using common technology components and data models, while eliminating gaps in functionality, duplication and inefficiencies. The technology platform must cater for all types of crime and provision for real time, online as well as static and offline data analysis.
Ultimately, the financial crime risk management platform should be a subset of an enterprise-wide risk management system that provides decision makers with a snapshot of total risk through a dashboard function.
The implementation of an enterprise-wide strategy is by no means a simple task. Some institutions are just too large and complex to put such a system in place easily. In that case, Chartis recommends integrating results from multiple systems by using an umbrella business intelligence layer. It is also desirable to select vendors with scalable solutions, meaning those that can best meet a firm's present and future needs. They should have the capability to evolve quickly and keep pace with new criminal trends. Importantly, institutions should do a cost-benefit analysis contrasting the best-of-breed, multi-vendor product strategy against the extensive product integration necessary to achieve an enterprise-wide picture of the impact of financial crime.
This report is an update of one first published in 2009. It highlights the key strengths of Norkom, one of the leading vendors within the financial crime risk management sector. It features new information on Norkom's capabilities and Chartis' views on the overall competitive landscape.