Vietnam crab exporterVietnamese mud crab exportsoft-shell crab exportersoftshell crab exporter

Breaking down the silos

MONDAY, JUNE 06, 2016
Breaking down the silos

MORE and more companies are starting to realise that organisational barriers between cybersecurity, anti-fraud, and anti-money-laundering (AML) teams are diminishing the effectiveness of firm-wide ability to combat financial crimes.

 
All too often news of an “attack” involves some form of cyber-breaches, followed by some form of fraud and money laundering. Traditionally these crimes have been handled individually within their own silo. Communication among these silos has generally been minimal. For companies to combat these threats effectively, it is clear that the silos need to be torn down. 
Banks are leading the way and experimenting with financial crimes units (FCUs), combined entities responsible for monitoring and responding to malfeasance. Overcoming corporate politics is the biggest challenge, but in areas such as data analytics, success stories have been consistently reported.
Financial-crime data analytics allow data scientists to string together a chain of events from cyberattacks, ranging from account takeovers (fraud) to wire transfers to a safe haven country (money laundering). It naturally serves as the backbone for the convergence but, more important, it enables companies to be more proactive in detecting fraud, which subsequently prevents money laundering. 
As stated by Jim Freis, former director of the US Treasury Financial Crimes Enforcement Network, “By fighting fraud, you are fighting money laundering.”
Additionally, sharing of information-technology assets and resources enables more streamlined information exchanges among cyber, fraud and AML teams. All groups are investing with similar big-data technologies -– advanced analytical tools that are used by the cyber team to investigate data breaches and by the AML team to scrutinise suspicious transactions. 
Integrating these into a single fraud-information exchange would go a long way towards making sure one hand always knows what the other is doing. A comprehensive IT strategy will minimise loopholes by layering controls at each step in a process. 
Many organisations have a patchwork of IT solutions that are not integrated and unfortunately turn into points of compromise.
The mindset of anti-financial-crime professionals also has to evolve and converge to keep up. Many organisations view cybersecurity as a proactive response team while AML is a reactive function to file regulatory reports and maintain compliance. Nothing can be further from the truth. 
Financial-crime prevention is becoming more proactive with advances in predictive modelling and machine-learning capabilities that detect and identify anomalies that could indicate cybercrime, fraud or money laundering. 
If an operations team is organised in silos, where are these anomalies routed to? The first line of defence is a likely candidate for integration. Alerts are vetted by a pool for financial-crime specialists who either close them or escalate them to the second-level support team who are more specialised in relevant areas.
A big-bang approach doesn’t work in any transformational programmes, so it is best to focus on an area where convergence makes sense. Cybersecurity, anti-fraud, and AML must discover what they have in common, identify mutual strengths and weaknesses, and move towards an effective fusion of functions, processes, and mindsets. 
By working together, each group can dramatically enhance the effectiveness of the other, and there is simply too much at stake for them to continue working in isolation.
 
Sam Samod is director for forensic services at PwC Consulting Thailand.