SAR reporting is a standard duty amongst AML transaction monitoring investigators everywhere. Making sure any anomalous activity is investigated, and any potentially suspicious activity is escalated, is the backbone of preventing money laundering and terrorist financing. Every investigator knows the drill when it comes to SAR templates, from basic contact details down to a detailed essay on the particulars of the suspicious activity. A URL is generally included if found, but the time has come to start going deeper and including more cyber data in the fight against one of the most nefarious forms of crime: cyber financial crime.
A December 2015 announcement from FinCEN Director Jennifer Shasky Calvery focuses on the value of SARs in combatting cyber threats.
She notes in her speech that adding in details such as IP addresses, time stamps, e-mail addresses, the nature of the suspicious activity, and any relevant information to the target of the attack can help FinCEN deflect cyber-attacks by spotting patterns, following the money trail, and identifying networks of money launderers. For example, Director Shasky Calvery noted that SARs filed by several different financial institutions played a critical role in helping FinCEN and the FBI trace $7 million in fraudulent withdrawals from an account in Florida to criminal groups in Eastern Europe.
This announcement perfectly lines up with the aims of the Cybersecurity Information Act of 2015, which allows the Department of the Treasury (among other agencies) to gather and share information related to cyber security threats.
As banks are increasingly pressed for resources and time to complete quality investigations, a new solution is needed to assist in the continued fight against financial crimes. Compliance officers race against the clock to investigate suspicious activity within tight deadlines and more often than not, there is little time allotted to do “deep dive” investigations. Adding a new component, such as cyber data, will likely lead to compromise in another area of the investigation, be it data integrity issues or not enough enhanced due diligence on higher risk clients.
The use of smart data and sophisticated technology, as well as a centralized investigations platform, can help alleviate regulatory concerns and allow for more enriched investigations. Next Angles can do all of this and more, from pre-populating data fields with information pulled in from internal bank systems as well as external data sources, to automating the assessment of potentially suspicious financial transactions and compiling all the data into one streamlined workspace. A compliance program utilizing technology that reduces the potential of human judgment errors, automates processes, incorporates regulatory policies and procedures into compliance software and systems, and provides a localized platform for data gathering and presentation is a great tool for financial institutions looking to beef up cyber crime prevention measures.[This is part 2 of the Cybersecurity Series. Part one is here.]