Posted by & filed under AML General.

FinCEN has recently released a set of FAQs to assist financial institutions in understanding the scope of the new Customer Due Diligence Requirements.

The document helps clarify, and provides additional guidance on many aspects of the new CDD rules, such as which account and entity types would be exempt from the rule.  Financial institutions will have until May 11, 2018, to fully implement and comply with the CDD Rule.

Be sure to check out our earlier post on ways to identify ultimate beneficial owners!

 

Link to full document (pdf)

Posted by & filed under Negative News.

In 2005 I was the AML Officer for Riggs Bank overseeing an AML team and hordes of consultants.  Riggs was caught up in a whirlwind of regulatory, law enforcement and Congressional investigations.  Selling the bank was the only option, and before approving any sale, the regulators wanted a bunch of projects completed.

negative-news-batch-search-problemsOne of the projects involved negative news screening.

We “batch ran” a list of about 2,000 high risk client names against the leading negative news database.  That database, which I will not name, remains the industry’s “leading” source of negative news screening.

After nearly 4 months of work and hundreds of thousands of dollars in consulting costs here is what we found:

2,000 high risk customers were run against the negative news database generating over 30,000 “hits.”  From those “hits” there were zero (not one) investigation that uncovered information we needed to report to FinCEN.

Every so called “hit” (aka “alert”) was in fact either not related to the Riggs customer, the information in the database was incomplete, or the underlying information in the database was no longer available for review by the consultants.

Ultimately, the entire exercise was a waste of time and money.

 

What Exactly Is Negative News Batch Screening

Negative News batch screening has become a nearly universal process for financial institutions of all types and sizes.  Why?

There is a perception among AML professionals and regulators that the database products used to batch screen names contain vast amounts of information about people and entities that have engaged in, or alleged to have engaged in financial crime activity. If this were true, then negative news batch screening would in fact be a good use of resources.  But the reality is much different.

Negative news databases actually include only a very small amount of publicly available financial crime risk information.  How small?  Consider this:  the leading negative news database has about 2.3 million of what are often called “profiles” of individuals and entities who, according to the database company, present some sort of financial crime or regulatory risk.

Two million names may sound like a large number.  It is not. This year alone, more than 5 million new pieces of negative news data will be published.

This means that over the 15 years since AML groups first began using these negative news applications, the leading databases have not yet accumulated the equivalent of 5 months of publicly available negative news information!

Shouldn’t this be a problem for anyone relying on these datasets to actually find negative news information? This includes AML officers, AML investigators, and the regulators.

 

The Problems with Negative News Databases

 

They Miss More Information Than They Find info-iceberg

The fundamental challenge for any database is data. “Batching” or automating the screening of a list of customer names requires that there be another list against which your customer list is compared.  Such lists must be “structured.”  Think of a structured database as an Excel sheet with columns and rows.

To create these negative news databases, employees of the database companies read news articles and then select limited information to enter into the database. This is a slow, tedious and highly subjective process.  This is a problem of all databases that rely on human curation.  No wonder the datasets are so small.

And perhaps they are even smaller than many realize.

When these databases say they have 2 million records or “profiles” how many of these profiles are actually in fact just sanctioned entities listed by OFAC and other similar government agencies from around the world?  Including long lists of Politically Exposed Persons is another way databases increase their number of profiles.

No doubt every AML group needs to know if they are dealing with a sanctioned party or a PEP, but this begs a very important question that users of these databases should be asking:  Of the 2.3 million names how many are actually names harvested from true negative news?

 

Endless False Positives

One would think that with so little data in the databases, it wouldn’t be much work to run a list of customer names and find the very few (if any) that turn up in the database.  Wrong.

Instead of actually finding negative news that is about your customers, the AML department is deluged with “false positives” which is another way of saying, “unrelated results.”  This happens because names are not unique identifiers and trying to “match” one name against a batch of similar names creates all sorts of problems.

 

Today’s Reality

After more than 20 years in AML, I realize simply doing away with a process like negative news batch screening would raise eyebrows.  However, it is important that those paying for the direct and indirect costs of such batch screening negative news (and the regulators) realize what it is exactly that is being accomplished, what is not, and at what price.

 

What is Needed for Negative News Screening

Many parts of AML compliance remain untouched by the technological advances that have changed nearly every aspect of our lives.  In 2016, AML professionals and the regulators should expect technology to enable much more from negative news applications, including:

  • Finding as much publicly available negative news as possible – in real time.
  • Drastically cut down on false positives or unrelated information.
  • Simplify search techniques so entire AML departments work consistently.
  • Easy and fast ways to fully document all negative news search results.

Negative news searching remains a fundamental element of identifying, reporting and reducing risk.  It is time to improve how it is done.

TransparINT solves the problems caused by the existing crop of outdated negative news applications.  Contact me at david@transparint.com or (202) 641-7485 to see how.

Posted by & filed under Negative News, Research & Investigation.

newsAs part of their work, due diligence analysts and suspicious activity investigators must properly search for “negative news” information.  If they do not, an AML program cannot be considered effective.  Recent enforcement actions, fines, and personal penalties against AML Officers prove this point.

What, however, is meant when AML professionals refer to “negative news?”

The term “negative news” emerged on the AML scene nearly two decades ago when banks first began to address financial crime risk.  The term, as it is currently used, does not capture the wide array of searching and research practices that must be carried out every day by AML analysts and investigators in order to comply with regulatory rules and expectations.

Operating without clarity around what constitutes “negative” information and how it should be found, creates serious risk for AML officers, AML compliance programs, financial institutions and even the regulators.  If an AML officer thinks “negative news” is a term related to media reports and not much else, then his or her program is likely weak and ineffective.

 

The Definition of Negative Information

When hearing the term “negative news” most AML professionals imagine newspaper articles reporting information about local, national or international crime.  Searching for and finding such news articles is essential for strong AML compliance.  However, “negative news” entails much more than just newspaper stories.

“Negative news” (also referred to as “adverse media” or “derogatory information”) is a euphemism.  A better way of thinking about what due diligence and suspicious activity analysts are searching for is really, “all publicly available relevant risk information.”  That is a mouthful and not likely to be coined anytime soon into AML lexicon.  However, finding “all publicly available relevant risk information” is what AML programs must do to be effective and safe from regulatory and enforcement penalties.

 

What Is “All Publicly Available Relevant Risk Information?”

In addition to newspaper and other media reports, here are other sources of relevant public risk information that all AML due diligence and suspicious activity investigators need to search:

  • Sanctions and Watch-Lists – Searching lists is often done automatically at account opening.  But often those under investigation are not customers.  Analysts and investigators need to search dozens of sanctions and watch-lists including all those published by U.S. departments such as Treasury, Commerce, and Justice.  In addition, lists from the European Union, United Kingdom, Canada, Australia and lists from key FATF countries need to be considered based upon the circumstances of the investigation.
  • High-Risk Business Registrations – These include lists like registered Money Service Businesses, licensed marijuana business, casinos, and other such entities considered high risk by AML compliance professionals and regulators.
  • Regulatory Filings and Databases – SEC and FINRA disciplinary actions are two examples.  Many U.S. states and foreign countries have similar lists and databases reporting violations and penalties that would be of interest to an AML investigator.
  • Blogs and other Non-Traditional Media – Sites that report issues involving corruption, human trafficking, and investor frauds such as “HumanTraffickingSearch.net.”
  • High-Risk Non-Profit Watchdogs – Think of the Panama Papers published by The International Consortium of Investigative Journalist, Transparency International’s “Corruption Perception Index” or Freedom House’s “Freedom in the World” rankings.
  • International Organization Databases – A good example is the World Bank’s Stolen Asset Recovery or “STAR” database as well as Wanted Person lists from Interpol.
  • Traditional News and Media – The largest source of negative news, but just how large is it and how much of it do AML analysts and investigators really search?  There are hundreds of thousands of news sources all over the planet.  From the Brown Deer Herald in Wisconsin to the Bangalore Mirror in India, these sources publish more than 15,000 new negative news article about financial crime every day.

negative-news
So whether you are an AML Officer, and AML analyst or a regulator, the next time the phrase “negative news” arises, realize that it is so much more than many think it to be.  In that fact lies a great deal of risk because existing applications used by AML analysts and investigators capture only a small fraction of the publicly available relevant risk information.

 

We will be writing more about this issue and the risks it poses to AML officers in the next few weeks.

 

Posted by & filed under Research & Investigation.

Need help tracking down the link to the Hong Kong Companies Registry or the U.S. Postal Inspection Service’s Most Wanted List (here and here)?

We have just updated the free investigative resources section on our main site.  Some of the more popular categories are the sections for International Corporate Registries, Sanction/Watch Lists, and Visualization Tools.

Please also feel free to share any investigative links and we will add them to the page.

 

investigative_resources

Click here for investigative links

Posted by & filed under AML General, Negative News.

raymond-james

Last week FINRA fined Raymond James & Associates, Inc. (RJA) and Raymond James Financial Services, Inc. (RJFS), a total of $17 million for widespread AML compliance failures.  Most notable perhaps was this fact:  RJA’s former AML Compliance Officer was personally fined $25,000 and suspended for three months by FINRA, effectively ending her AML compliance career.  According to J. Bradley Bennett, FINRA’s Executive VP of Enforcement, additional anti-money laundering and enforcement cases are coming soon.

So what can be learned from the Raymond James fine to make sure your institution (and you) are not the next focus of FINRA or other regulators.

Plain and simple, the Raymond James companies and AML Compliance Officer were “fined for allowing certain red flags of potentially suspicious activity to go undetected or inadequately investigated from 2002 through 2013.”

Looking at the FINRA order, it becomes very clear the Raymond James failure was a failure to identify and analyze publicly available adverse media information, and a failure to conduct proper suspicious activity investigations.

 

Examples of AML investigations that were identified as deficient:

  • When RJA conducted due diligence on an Ecuadorian bank customer at account opening, RJA’s adverse news information service identified a negative news report about the Ecuadorian bank’s subsidiary.  RJA contracted with a third-party vendor to obtain adverse news information about customers and potential customers, but rather than having the vendor send the reports to the RJA AML Department, RJA had the vendor send reports to the RJA Credit Department.  Adverse news information was not available or consistently escalated to the RJA AML Department, and in the case of the Ecuadorian bank’s subsidiary news, RJA’s Credit Department did not escalate the report to the AML Department to consider since the news did not directly involve the RJA customer.  RJA conducted diligence on the bank customer’s president, but not the individual who had trading authorization over the account.  If RJA’s AML Department had received the negative news about the bank’s subsidiary and reasonably investigated the news and the customer’s control person, it would have identified negative news that the person who held trading authorization and the subsidiary of the Ecuadorian bank each had been sanctioned by FinCEN and OCC for AML deficiencies.

 

  • RJA did not reasonably investigate suspicious wire transfers sent from the personal account of a RJA foreign affiliate’s financial advisor into the accounts of his own foreign customers.  In total, 194 customers of the same foreign financial advisor transferred over $10 million in third-party wires to a non-RJA client unregistered currency exchange business in the United States.  RJA and Busby (the AML Officer) eventually opened an investigation in March 2012, which Busby conducted herself, into the non-client unlicensed currency exchange business, but the investigation was inadequate.  For example, RJA failed to identify news reports that the non-client unregistered currency exchange business in the United States had been sanctioned by the U.S. Department of Treasury in 2009 relating to embargo program violations.

 

  • RJA and Busby identified some red flags associated with the outgoing third-party wire transfer of $250,000 to a Panamanian bank account, but failed to reasonably investigate multiple red flags, which included: ( 1) the round dollar amount; (2) the stated purpose of ”export banana shipment” was inconsistent with the accounts’ prior activity relating to gold mining; (3) the individual receiving the funds was in Ecuador but the funds were transferred to Panama; and (4) the Letter of Authorization provided to RJA by the customer was dated a day before the invoice provided by the customer. One month after the RJA investigation, the owner of the Panamanian account was subsequently arrested in Venezuela and deported to Colombia for alleged money laundering.

 

  • RJA’s failure to reasonably monitor journaling between accounts, combined with its failure to reasonably monitor incoming wires and inadequate investigation of red flags, also caused RJA to fail to adequately investigate activity in the 18 accounts related to an RJA customer JCM.  JCM-related entities actively moved funds between the 18 accounts, often with no trading activity, including movement of $2 million to a South Korean bank account for the benefit of a third-party.  In 2013, RJA opened two investigations into transactions in the JCM-related accounts, one after the $2 million wire appeared on the Foreign Disbursements Report and one after an SEC request relating to JCM, but these investigations failed to reasonably investigate all of the JCM-related account activity.  RJA also closed 70 alerts generated from the Excessive Wires Report for these accounts without any documented rationale.

 

  • RJA’s failure to have reasonable reports to review for patterns and trends across trading activity also led to the firm’s failure to identify red flags in the accounts of a foreign bank, BP.  Over the period of January 2012 through October 2013, in which Busby was the RJA AMLCO for approximately thirteen months, BP engaged in short-term in-and-out trading of over $70 million in U.S. Treasury Bonds.  Many of these transactions were in round dollar amounts, and many of the sales were followed by the almost immediate purchase of the same bond at a higher price which appeared to lack economic purpose.  Such in-and-out activity without economic purpose by a foreign entity was a red flag of suspicious activity that was not detected by RJA or Busby.

 

The two overwhelming themes in the above examples are the failures to identify and escalate public adverse media and risk information and the failure to identify transaction red flags indicative of high risk activity.  Even with all of the policies in the world in place, if an AML group is understaffed, lacks training, or doesn’t have the adequate tools to perform their function there will continue to be lapses similar to what was seen at Raymond James.

 

Further Reading: More details of the RJA’s failures are chronicled in a great article here written by Brian Monroe

Posted by & filed under Research & Investigation.

panama-papersJust over a week ago, the International Consortium of Investigative Journalists (ICIJ) released a searchable database of companies, people, and addresses named in the Panama Papers.  In addition to the online search tool, the ICIJ also released a downloadable version of the same information.  Below is a brief overview on how to download the database, and information on its content and uses.

How do I download the database?

While the ICIJ makes the database accessible in a few different formats and methods for downloading, the easiest way for the majority of people to access the files will be through the comma separated value (CSV) file link on this page.  All of the CSV files contained in the download can be opened in Excel.

If you are technically minded or feeling ambitions, the ICIJ also made a distribution of the graph database Neo4j available with the data in it.  This allows users to query the database and visually explore the connections between people and companies.   Something to keep in mind, this method will require you to download the Neo4j software on your computer, which may not be allowed by your company’s IT department.

 

What’s in the file?

Once you download and unzip the folder, you will see the five files contained below.  As mentioned previously, all of the included CSV files can be opened in Excel.

 

panama-papers-files

 

Below are the descriptions from the ICIJ to understand what each file contains.

Offshore Entity: A company, trust or fund created in a low-tax, offshore jurisdiction by an agent.

Officer: A person or company who plays a role in an offshore entity.

Intermediary: A go-between for someone seeking an offshore corporation and an offshore service provider — usually a law-firm or a middleman that asks an offshore service provider to create an offshore firm for a client.

Address: Contact postal address as it appears in the original databases obtained by ICIJ.

You will also notice the “all_edges.csv” file; this can be disregarded.   It’s purpose is to map the links between the parties in the file for graphing relationships.

 

More than the Panama Papers

While the Panama Papers have gotten all of the recent publicity, the above files also contain data from the ICIJ’s previous “Offshore Leaks” investigation.  The Offshore Leaks Database contains more than 100,000 companies, trusts and funds created in offshore locales such as the British Virgin Islands, Cayman Islands, Cook Islands and Singapore.  Below is information from an ICIJ article when the data was released in June, 2013.

The data are part of a cache of 2.5 million leaked offshore files ICIJ analyzed with 112 journalists in 58 countries. Since April, stories based on the data — the largest stockpile of inside information about the offshore system ever obtained by a media organization…

 

How can I use this information?

A definitive way to utilize this information is to analyze it for trends or patterns that could have a risk impact on your company.  There are several data mining solutions that could help with this task, but the majority of people reading this will be limited to analyzing the data in Excel.  Luckily, one of the most useful tools to extract significant information from large and detailed data sets are pivot tables, which are available in Excel (tutorial).

For example, if you are looking to identify frequently used addresses by shell entities, a pivot table of the address field of the “Entities.csv” would produce the below most frequently used addresses.

 

panama-papers-addresses

 

In addition, once the information is summarized it can easily be visualized using Excel’s charting features.  Below is a chart based on a pivot table of the country field in the “Entities.csv” file.

 

top-countries

 

The above examples are the very tip of the iceberg of what is possible with the data.  And even if you don’t have a need to review the above files, the ability to create pivot tables and analyze large data sets is a tremendous advantage to all financial crime compliance professionals.

Posted by & filed under AML General, Research & Investigation.

SAR_formSorry, a blog article can’t actually tell you to file a SAR or not.  The decision on whether alerted transaction activity raises to the level of SAR filing is complex and requires a large amount of human judgment and analysis.  But everyday thousands of AML analysts are expected to make these tough decisions with uncertain information and pressure from mounting workloads.

It’s easy to get distracted when gathering and processing all of the information involved in dispositioning an alert.  Even though every case has unique aspects, and there are dozens of different factors that should be taken into account, there are essentially two questions that need to be answered when making a SAR filing decision.

  1. Are the transactions in line with the account’s purpose, profile, or nature of business?
  2. Is there any outside information that would increase the risk level related to the transaction or parties involved.  This could be negative news, political exposure, sanctions, a high number of prior investigations, subpoenas, etc..

We have put together the below flowchart to outline how the above questions could be integrated into the decision making process at its most basic level.  For a printable PDF version, please click here or on the below chart.

 

sar-chart

(click for printable PDF version)

 

We had a lot of internal discussion on how to make this chart as simple, but as comprehensive as possible.  The original chart was quite complex and had more than twice the number of decisions!  But the chart is not meant to cover every possible scenario, or to outline how to conduct an AML investigation.  It is meant to distill the core questions that need to be answered as part of every alert disposition; the decisions AML analysts must make multiple times a day, everyday.

Hope you find this helpful, and we would love to hear your feedback.

 

Additional SAR Resources:

Posted by & filed under Research & Investigation.

I was recently reading one of Kenneth Rijock’s articles that identified an office manager at a Mossack Fonseca subsidiary would frequently use different name variations on documents.  The article highlighted that

“this is a technique specifically designed to foil any investigation that seeks to find a pattern, or course of dealings, in financial transactions.  It is a method of deception often used by financial criminals.”

It also provided a list different name permutations that she used, such as using a compound or hyphenated last name and using the middle name as a last name.  Even when someone is acting in good faith, it is common for a name to be written different ways, so this seemed like a fun weekend project to tackle.

The Name Variation Tool is a small utility that will automatically create potential name combinations without having to manually write each one out.

Name Variation Screen Shot

 

Before using the tool, there are some important things to know:

  • This tool only performs mechanical combinations based on the name entered.
  • Specific ethnic or regional naming conventions are not taken into account.
  • Names are also not substituted with alternate spellings or nicknames.
  • The tool is currently set up to work with names that contain up to 5 parts.

I can not stress enough that this tool is meant to be a time-saver, and not meant to replace specific understanding of different cultural naming conventions or proper search techniques.

Hope you find it useful, and if you have any ideas or suggestions for improvements, I would love to hear them.

Posted by & filed under Research & Investigation.

offshoreWith the recent release of the Panama Papers, now seems like an ideal time for a blog post on red flags and investigation strategies related to shell companies.  A shell company is a legal vehicle (LLC, LP, etc.) that typically has no physical presence (other than a mailing address), and generates little to no independent economic value.  Although they are not illegal and can have many legitimate business purposes, they are commonly used to facilitate illicit activity, including money laundering and tax evasion.

What makes shell corporations suitable for illegal behavior is the secrecy they can provide their ultimate owners.  Anyone who has been involved in AML transaction monitoring or investigations has most likely run into one of these companies and had their case hit a road block.  Below are some investigative strategies to help get more information related to these companies, and also a list of shell company related red flags.

 

How to Investigate

Before you can determine if any suspicious activity has occurred, it is important to gather and analyze all available information related to the companies involved.  Below are some actionable strategies that have been successfully used in real-world investigations involving shell companies.

Utilize corporate registers, web, and news sources
corpsearch.net

These are the traditional first steps when trying to identify who is behind the company and if there is any risk relevant information related to the entity.  Check out our earlier post on tips for identifying ultimate beneficial owners for additional details.  It is also crucial at this step to try to identify any adverse media or negative news on the company or it’s directors.

Identify & review network of related parties

Even if you can’t identify the ultimate person behind the company, in many instances, there are common elements that can reveal more information about the company.  These include:

  • Incorporation address
  • Nominee directors or managers
  • Intermediary or incorporation service
  • Other counterparties (see below)
Search wire activity for counterparties and multiple levels deep

A common scenario involves an analyst reviewing an alerted transaction where their FI’s client either sent or received a wire transaction from a shell company.  In many cases, because of the lack of information on the company, the analyst reaches a dead end.  Instead of stopping there, a good strategy is to search for wire activity for that shell company.  Even if they are not a client of your FI, there is a good chance they had transactions with another customer, or through a correspondent banking client where the activity should be visible to you.

This will give you a good idea of the other types of companies the shell company is interacting with, and the types of transactions.  It will also give you more information on building out a network of related parties.   Although not always practical since time is a serious consideration for analysts, it is also possible to try to continue to follow the counterparty wire activity multiple levels down to see where funds end up.

 

shell-company-visible-transactions

 

Red Flags

Below is a FinCEN list of red flags commonly cited in Suspicious Activity Reports involving shell companies.  You can utilize all of the information gathered and analyzed during the investigative process to determine how closely your case matches with the below indicators.

 

  • An inability to obtain – whether through the Internet, commercial database searches, or direct inquiries to the foreign correspondent bank whose customer is the originator or the beneficiary of the transfer – information necessary to identify originators or beneficiaries of wire transfers.

 

  • A foreign correspondent bank exceeds the anticipated volume projected in its client profile for wire transfers in a given time period, or an individual company exhibits a high amount of sporadic activity that is inconsistent with normal business patterns.

 

  • Payments have no stated purpose, do not reference goods or services, or identify only a contract or invoice number.

 

  • Goods or services of the company do not match the company’s profile based on information previously provided to the financial institution.

 

  • Transacting businesses share the same address, provide only a registered agent’s address, or raise other address-related inconsistencies.

 

  • An unusually large number and variety of beneficiaries receive wire transfers from one company.

 

  • Frequent involvement of beneficiaries located in high-risk, offshore financial centers.

 

  • Multiple high-value payments or transfers between shell companies with no apparent legitimate business purpose.

 

Take-Aways

There is nothing inherently wrong with shell companies, but the added risk lies in the opacity they provide the true parties behind the transaction.  Even without knowing the ultimate owners, in many cases it is possible to identify negative news or other risk relevant information on a person, entity, or address closely related to the shell company.  This information, in addition to the transaction activity itself, may be enough to push the case into SAR filing threshold.  It is also important to remember to stay focused on your financial institution’s exposure to risk when going down the the shell company rabbit-hole.  It is very easy to get so caught up in the investigation that you realize you stopped researching parties with any relationship to your bank a hour ago!

 

Posted by & filed under Negative News, Research & Investigation.

Search_KeyToday, thousands of AML analysts from financial institutions all around the world sit at their desks, making serious decisions about customer risk and suspicious activity.  Each is fulfilling critical components of AML, but each is also saddled with applications that make their jobs more difficult and ultimately jeopardize compliance.

When making due diligence and suspicious activity decisions, analysts must find and consider the implication of negative news information concerning a customer, counterparty, or beneficial owner.

Analysts need applications that help search for and discover negative news.  The problem for them, and the institutions for whom they work, is that the negative news applications used today fail to achieve the five necessary components of effective negative news searching.

For negative news research to be effective it must achieve the following five critical objectives.

  1. All information that can be searched is searched.
  2. Search results must be relevant to financial crime AND the person, company or entity that is being searched.
  3. Searching must be performed consistently by the entire AML team.
  4. Analysts must be able to move fast through results.
  5. There must be proof of what was searched, how it was searched, and the results.

Unfortunately, negative news applications like risk intelligence databases, news libraries, and search engines fail to achieve any of these five requirements.

  • Databases and news library applications are exceedingly limited in the amount of information they contain. How search engines return results is known only to the search engine, and each search engine has different levels of coverage.  Google doesn’t have everything Bing has, and Yahoo may return information Google and Bing don’t.
  • Scrolling through screen after screen of “false positives” slows down work. It is monotonous, boring, and frustrating for analysts.  This creates an environment where important information is missed, work takes too much time, and costs increase.
  • Searching for information in databases, news archives, and search engines has become a skill all its own.  Every analyst must develop their own “tricks of the trade” to find information.  This means searching is inconsistent.  Inconsistency in AML is risky.
  • Compliant work is documented work. When analysts review customer transaction history they record key information about the accounts and date range of the activity they reviewed. A manager, an auditor or a regulator can review this work to ensure procedures were followed and the outcome of the investigation is reasonable.

Unfortunately, when using negative news applications there is no way to truly document what was searched, how it was searched, and the results that were reviewed.  Instead analysts either write a statement in the case file like, “no negative news information was found” or they go through a “copy and paste” exercise trying to show a page or two of Google results.  This means there really isn’t a way for management, an auditor, or regulator to feel confident about the negative news portion of an investigation.

Effective AML compliance requires many critical steps.  One particularly critical step is the ability for every AML analyst to properly search for, find, and consider the impact of negative news information.  Unfortunately, the applications used today – many of which were built more than 20 years ago – fail to help analysts achieve these objectives. It is time for this to change.