The initial phase in the lifecycle of financial crime risk deals with threats that have not yet affected the institution; this can be thought of as the programs and activities to halt any suspicious or non-compliant activities before they become an issue.
For financial services organizations (e.g. banks, investment banks, insurance companies, credit card companies and stock brokerages), many of these activities require a great deal of resources and insight into customers that may not be available or easy to aggregate. These examples highlight the complexity of prevention and associated risks:
(a) Stopping suspicious persons from opening accounts or moving funds into the institution prevents risk to the institution, but may also turn away legitimate customers, thereby decreasing new business.
(b) Balancing the risk of doing business with suspicious entities without completely closing off from high-risk regions in which valuable customers and businesses reside or do business.
(c) Deterring illicit actions from internal and external parties diminishes threats, but may cause unwieldy and frustrating controls, thereby inadvertently upsetting customers, partners, or employees.
(d) Ensuring the network isn’t being used with infected devices requires constant vigilance, dedicated resources, and an understanding of the ever-shifting digital threat landscape.
(e) Determining the suitability of new clients and their own risk appetite according to the appropriate regulations requires ongoing training and education of personnel.
(f) Identifying potential risk areas and challenges having to do with client relationships, accounts, information, and transactions before a problem occurs is both extremely valuable and extremely difficult with information silos across complex institutions.
The challenge of preventing financial crime risk is extremely difficult, perhaps more difficult than that the other phases of the financial crime risk lifecycle. It requires a delicate balance between legitimate activity and risky activity, often with little or no transactional or behavioral background (i.e. in the case of opening a new account). In addition, the time required to make these decisions is typically quite short, with a yes or no decision oftentimes meaning the difference between a customer relationship for the next decade and giving business to a competitor.
However difficult it may be to do, identifying not just active, but also potential threats, enables financial services organizations (e.g. banks, investment banks, insurance companies, credit card companies and stock brokerages) to diminish risk and reduce the costs associated with losses, fines, investigations, and customer remediation.
Proactively addressing financial crime risks requires a great deal of collaboration and coordination across the institution, but provides tremendous benefits to the institution and reduces both risk and cost.