NSS – Demo
ASEAN and Global Trends in FCC and
Correspondent Banking
What are the industry’s trends and challenges? How can Banks turn compliance into an advantage?
Director, Financial Crime Compliance, Asia Pacific
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
C. KYC and CYBER SECURITY
4
REPUTATIONAL/FINALCIAL RISKS and DE-RISKING
60% of local Banks reported a decline in CBRs Source: The World Bank 2015
The trend is mainly driven by US/UK/European Banks and affecting Emerging markets
60% 50%
“ In the Philippines, (…) 84 accounts (…) have been closed by 33 correspondent banks ” Source: IMF
“ smaller emerging markets and developing economies (…) may be the most affected.” Source: IMF
5
REPUTATIONAL/FINALCIAL RISKS and DE-RISKING
75% of the large global banks have reported a decline in their number of CBRs
Source: The World Bank
Some will reduce their number of CBRs by more than 50%
Source: SWIFT / ADB
75% 50%
Number of Active Correspondents
-
500
1,000
1,500
2,000
2,500
3,000
3,500
Singapore Malaysia Indonesia Thailand Vietnam Philippines Cambodia BruneiDarussalam
Myanmar Laos
2014
2015
2016
-1.05%
-4.50% -8.16% -4.79%
-0.64% -8.38%
+33.71% -0.69% -10.61% -0.70%
23.5
24
24.5
25
25.5
26
26.5
27
012345678
Jan-1
4
Ma
y-1
4
Sep-1
4
Jan-1
5
Ma
y-1
5
Sep-1
5
Jan-1
6
Ma
y-1
6
Sep-1
6
AP
AC
Acti
ve
Co
rresp
on
den
ts
Th
ou
san
ds
AP
AC
Tra
nsacti
on
s S
en
t
Millio
ns
Transactions sent Active Correspondents
6
DE-RISKING: Potential consequences
For Financial Institutions
1. Higher costs for KYC and remittances
2. Difficulty to maintain and establish new relationships
3. Loss of clients or business opportunities
For Countries
1. Lower regional integration
2. Lesser trade
3. Slower growth
“(…) processing U.S. dollar checks is now lengthier and costlier, with one major bank indicating a cost of US$150 per check” IMF
“ De-risking has the potential to destabilize our economies, promote financial exclusion and increase poverty levels. ” CBCS
7
DE-RISKING EXPLAINED
75% 50%
Source: SWIFT / ADB
DE-RISKING EXPLAINED
8
15.5 Billion $
fines levied on financial institutions in 2015
for violation of sanctions regulations
9
REPUTATIONAL/FINANCIAL RISKS: Banks are reviewing all Correspondents
Global review of banking
relationships both on
profitability and on compliance
‘higher operational costs for trade
and export finance business’
10
DE-RISKING EXPLAINED
DERISKING FACTORS: Suggested Solutions
1. COST: Reduce the cost of KYC/EDD
2. RISK: Put the right controls in place
3. TRANSPARENCY: Communicate proactively
11
HOW CAN SWIFT HELP? Global utilities
DERISKING FACTORS: Suggested Solutions
1. COST: Reduce the cost of KYC / EDD KYC Registry
2. RISK: Put the right controls in place Sanctions Screening / Testing
Name Screening
RMA Analysis
Daily Validation Reports
Compliance Analytics
Etc.
3. TRANSPARENCY: Communicate proactively KYCR
Audit reports (incl. security audit)
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
KYC Registry
Sanctions Screening
(NEW) Name Screening
RMA Analysis
(NEW) Payment Data Quality & others
C. KYC and CYBER SECURITY
KYC
The KYC Registry
Global depository of due diligence documents
and data
• 3,500+ financial institutions
• 1,000+ in APAC
• 200+ countries and territories
SWIFT Traffic Profile
Aggregated view of transaction activity with
high-risk jurisdictions
KYC Adverse Media
Access to news and regulatory notices about
(potential) customers
RMA Analysis
Understand which of your RMAs have been
dormant or inactive, hence creating
unnecessary costs and risks
COMPLIANCE ANALYTICS
Compliance Analytics
Global view of your organization's SWIFT
message traffic
• 32 financial institutions
• Customer base represents 45% of SWIFT
payments
• 750+ end-users
(NEW) Payments Data Quality
Assess quality of originator and beneficiary
information to comply with FATF
Recommendation 16
(NEW) Daily Validation Reports
Detect unusual payment flows quickly and
easily
SANCTIONS
Sanctions Screening
Transaction screening with Automatic List updates
• 600+ customer institutions
• 140+ in APAC
• 22 central banks
Sanctions Testing
Test, fine-tune and optimize filters and lists with
third-party insurance
• 40 customer institutions
• 4 of the top 5 US banks by asset
• Over half of the top 10 European banks
• 430 subscribers to Sanctions List Monitor
(NEW) Name Screening Service
Screen individual names and customers, supplier
and employee databases
List Management Service
Manage, customize and automate list data feeds
SWIFT Compliance: Top-4 priorities for LOCAL banks
KYC
The KYC Registry
Global depository of due diligence documents
and data
• 3,500+ financial institutions
• 1,000+ in APAC
• 200+ countries and territories
SWIFT Traffic Profile
Aggregated view of transaction activity with
high-risk jurisdictions
KYC Adverse Media
Access to news and regulatory notices about
(potential) customers
RMA Analysis
Understand which of your RMAs have been
dormant or inactive, hence creating
unnecessary costs and risks
COMPLIANCE ANALYTICS
Compliance Analytics
Global view of your organization's SWIFT
message traffic
• 32 financial institutions
• Customer base represents 45% of SWIFT
payments
• 750+ end-users
(NEW) Payments Data Quality
Assess quality of originator and beneficiary
information to comply with FATF
Recommendation 16
(NEW) Daily Validation Reports
Detect unusual payment flows quickly and
easily
SANCTIONS
Sanctions Screening
Transaction screening with Automatic List updates
• 600+ customer institutions
• 140+ in APAC
• 22 central banks
Sanctions Testing
Test, fine-tune and optimize filters and lists with
third-party insurance
• 40 customer institutions
• 4 of the top 5 US banks by asset
• Over half of the top 10 European banks
• 430 subscribers to Sanctions List Monitor
(NEW) Name Screening Service
Screen individual names and customers, supplier
and employee databases
List Management Service
Manage, customize and automate list data feeds
SWIFT Compliance: Top-4 priorities for INTERNATIONAL Banks
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
KYC Registry
Sanctions Screening
(NEW) Name Screening
RMA Analysis
(NEW) Payment Data Quality & others
C. KYC and CYBER SECURITY
PROBLEM: The cost of KYC & EDD is too high
Maintaining existing relationships is time-consuming, risky and costly
DUPLICATED
NON-STANDARDIZED
INACCURATE
TIME-CONSUMING
SOLUTION: SWIFT KYC Registry
DUPLICATED
NON-STANDARDIZED
INACCURATE
TIME-CONSUMING
CENTRALIZED
STANDARDIZED
VALIDATED
EFFICIENT
Standardised baseline
Up-to-date information
Data verification by SWIFT
Cooperative business model
Secure, user-control access
More than 3,500 financial institutions 1,800+ in Europe, Middle East and Africa
1,000+ in Asia Pacific
600+ in the Americas
200+ countries and territories worldwide
C:\Users\jsoubry\Desktop\KYCR\Counterparty coverage by
region 2017 v1.xlsb
Launched in December 2014 in collaboration with Bank of America Merrill Lynch, Barclays, Citi, Commerzbank, Deutsche Bank, Erste Group Bank AG,
HSBC, ING, J.P.Morgan, Raiffeisen Bank International AG, Societe Generale, and Standard Chartered Bank. 18
SWIFT KYC Registry, the new global standard
434
0
100
200
300
400
500
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
NewAPACUsers in2016…
1456
0
200
400
600
800
1000
1200
1400
1600
Jan Feb Mar Apr May Jun Jul Aug Sep OctNov
Dec
New Global Users in2016 (Accumulative)
20
"The KYC Registry will be a key differentiator in ensuring
the correspondent banking industry increases the
accuracy and efficiency around its KYC process. This is
not a 'nice to have' but rather an imperative (…)”
Standard Chartered
C:\Users\jsoubry\Desktop\KYCR\KYCR Baseline & SWIFT
Support.pdf
"Data collection times in many cases have been
reduced from days or weeks to a few hours"
Unicredit
“(…) Converse Bank positions itself as a
more transparent, trustworthy and reliable
business partner in its relations with
existing and potential correspondent
banks."
Converse Bank
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
KYC Registry
Sanctions Screening
(NEW) Name Screening
RMA Analysis
(NEW) Payment Data Quality & others
C. KYC and CYBER SECURITY
“The Sanctions Screening service allows us to comply with the
sanctions laws by blocking and flagging prohibited transactions.
It is an easy-to-use solution that keeps us up-to-date and
reduces the operational complexity (…”
Huang Weibo, Head of International Business, Huizhou Rural Commercial Bank in China
Public Sanctions lists available on SWIFT Sanctions Screening
Public sanctions lists
updated by SWIFT daily
36 +
Private lists & Good-guys lists
managed by the users
Country Description
Australia
Department of Foreign Affairs and Trade (DFAT)
DFAT Iran Specified Entities List
DFAT Country List
Canada
Office of the Superintendent of F.I. (OFSI)
OSFI - United Nations Act Sanctions
Department of Foreign Affairs and Trade (DFAIT)
DFAIT Countries Embargoes
European Union
European Official Journal
EU Countries Embargoes
EU Ukraine Restrictive Measures
France Journal Officiel français
Hong Kong Hong Kong Monetary Authority (HKMA)
HKMA Countries Embargoes
Japan Ministry of Finance
Special Measures
Netherlands Frozen Assets List - Dutch Government
New Zealand New Zealand Police
China Ministry of Public Security of the PRC
Ukraine State Financial Monitoring Service of Ukraine
National Security and Defense Council (NSDC)
Country Description
Norway
Ministry of Foreign Affairs (MFA) list
MFA United Nations list
MFA Countries Embargoes
Singapore
Monetary Authority of Singapore - Investor Alert List
Singapore Government - Terrorism (Suppression of Financing) Act
Switzerland Secrétariat d'Etat à l'Economie (SECO)
SECO Countries Embargoes
United Kingdom
Her Majesty's Treasury
HMT Countries Embargoes
HMT Ukraine Restrictive Measures
United Nations
United Nations
UN Countries Embargoes
United States of America
Financial Crimes Enforcement Network (FINCEN)
OFAC Specially Designated Nationals
OFAC Embargoed Countries
OFAC non-Specially Designated Nationals, including:
• OFAC Palestinian Legislative Council
• OFAC Part 561
• OFAC Foreign Sanctions Evaders
• OFAC Sectoral Sanctions Identifications
• OFAC Non-SDN Iranian Sanctions Act
• OFAC 13599 list
SWIFT Sanctions Screening
Your institution Your correspondents
• Automated screening engine
• No Hardware needed
• Block and report non-compliant
trades in real time (web based GUI)
• 36 lists
• Updated daily
• Private list and good guys list
29
Sanctions Screening: How can SWIFT help your Bank?
2. PROTECT YOUR BUSINESS
Reduce your risk profile
Prevent RMA cancellations
1. REDUCE RISK
Auto screening & list updates
Protect your organization against
reputational & financial risks
3. REDUCE COSTS
No Hardware needed
2-day implementation
SWIFT can help your bank automate its sanctions screening to reduce Risk and maintain good relationships
SWIFT Sanctions Screening is very easy to implement
600+ Clients
120+ countries
22 central banks
SWIFT Sanctions Screening Users since launch in 2012
120 in APAC
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
KYC Registry
Sanctions Screening
(NEW) Name Screening
RMA Analysis
(NEW) Payment Data Quality & others
C. KYC and CYBER SECURITY
SWIFT Name Screening: Reduce your Risk Profile
• Name Screening
• Screen single names, as well as customer, supplier and employee databases
• Includes Sanctions, PEP and private lists
• Options
1. New client screening: Online screening
2. Periodic reviews: Batch Name screening
3. Real-time updates: API
NSS – Demo
PEP
Lists SOR
Lists
Sanctions
Lists
Private
Lists
Adverse
Media
SLD Bespoke by
Institution
Public Sanctions Lists
provided by SWIFTs List
Mgmt. Operations team have
been cleansed, standardised
and enriched with BIC and
ISO country codes.
They are updated on a daily
basis.
Providing institutions with an
easily manageable list
scope.
Using Dow Jones world-
class global Politically
Exposed Persons
(PEP) lists
Customers can segment
categories to screen
against.
Both domestic and
international lists
Focuses on PEPs, and
relatives and close
associates (RCAs) who
could pose a risk.
Sanctions Ownership
Research covers
associated entities of
sanctioned individuals
from all jurisdictions on
EU and OFAC lists if
they;
- have 10% or more
ownership
- are on the Board of
Directors
- have controlling
interest
Sourced by DJ’s
specialist research team
Institutions have the
flexibility to upload their
own bespoke lists to be
screened
This also includes local
lists that are not publicly
available (e.g MAS lists
that are only provided
directly to SGP institutions)
Powered by Dow Jones
Adverse Media lists
Benefitting from DJs
specialist research teams
with vast language skills
4 categories can be filtered
– Regulatory, Financial,
Environmental and Social
Mandatory Report Mandatory EDD Sanctions EDD AML Policy (Optional) Risk Based Approach
March 2017 Q3 2017
Build your screening policy
List scope
Matching elimination
criteria
Alert settings
Date of birth Range comparison
Country Comparison
Gender Comparison
Escalation
workflow
4-eyes
workflow Alert creation
PEP Level 1
EU OFAC UN SECO PEP Level 2
Build your screening policy
A BU can have multiple screening configurations covering Sanctions, PEP or both.
Predefined blocks can be selected to fit your regulatory requirements.
Date of birth Range comparison
Country Comparison
Gender Comparison
Escalation
workflow
4-eyes
workflow Alert creation
PEP Level 1
EU OFAC UN SECO PEP Level 2
List scope
Matching elimination
criteria
Alert settings
How do you use NSS Online?
Enter Entity Decision Workflow Results
& Audit
• Clients
• Suppliers
• Employees
• Individuals
• Companies
• Organisations
Review Sanctions and
PEP alerts
Decision workflows based
on requirements.
2 eye or 4 eye Checks
Investigate Entity
Fuzzy matching and other
advanced alerting
techniques generate a
match based on:
- Sanctions lists
- PEP & other lists
- Private lists
NSS – Demo
Name Screening – Product Roadmap
37
2017
Online live
Q1 2017
Batch Screening Pilot - End Q1– Q3 2017
NSS Online V1.1
(March 2017)
• Additional Sanctions lists
• Private List
• Pilot feedback integration
Batch Screening live
Q4 2017
NSS Online V1.2
(August 2017)
• Additional Sanctions lists
• Additional commercial lists
• Enhanced screening config
2018
Batch Screening V2
Q2 2018
• Automated file processing
• Screening API
Future delivery
2018
• Other language
screening
• Transliteration
…
NSS – Demo
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
KYC Registry
Sanctions Screening
(NEW) Name Screening
RMA Analysis
(NEW) Payment Data Quality & others
C. KYC and CYBER SECURITY
RMA analysis and review 43
What is RMA
RMA (Relationship Management Application) is a SWIFT mechanism
to control the traffic you want to accept from your correspondents
and vice-versa
44
Why is it important to review your RMA relationships?
Wolfsberg Guidance on SWIFT Relationship Management Application (RMA) Due
Diligence (Jul 2016) - extracts
Why is it important to review your RMA relationships?
Correspondent Risk
Open door to undesirable traffic
750k + Dormant relations with APAC BICs
50% Of total number of outstanding RMA
relations is dormant on average
Cost of relationships
RMA Analysis: Process
1. Identify the status of RMA relationships
Traffic
No
Yes
Not in recent 12
months
In recent 12 months
Unused
Dormant
Active
2. Provide Report
3. Clean-up RMAs (optional)
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
KYC Registry
Sanctions Screening
(NEW) Name Screening
RMA Analysis
(NEW) Payment Data Quality & others
C. KYC and CYBER SECURITY
Other Compliance Solutions to Reduce your Compliance and Reputational Risk
• Sanctions Testing
• Test your existing Sanctions Screening system’s performance and refine the filter to reduce manual
intervention. Benchmark your performance & risk profile against the industry practices.
• (NEW) Payments Data Quality
• FATF recommendation 16: Beneficiary as well as originator information should be included in wire
transfers and related financial messages
• Provides a global overview of group-wide payments data quality
• Compliance Analytics
• Monitor Country risks, Sanctions, Counterparty risk, nesting activities, suspicious transactions etc.
• Unique to SWIFT
• (NEW) List Management
• Automatic update, cleaning and enrichment of all Major Sanctions Lists
• Helps your bank and your correspondents ensure you are using correct, complete and up-to-date lists
A. DE-RISKING: FACTS & FIGURES
B. SWIFT FCC: WHAT’s NEW?
C. KYC and CYBER SECURITY
53
Payment fraud prevention and detection – What we know
Challenges are:
- Knowing you have been attacked
- Understanding the nature of the attack
- Knowing how to respond to incident
Attackers are organised, sophisticated and well funded
Modus operandi
CSP | Overview
You
Your
Counterparts
Your
Community
Secure and Protect
Share and Prepare Prevent and Detect
Customer Security
Programme
“There are only two
types of companies:
those that have been
hacked and those
that will be hacked” Robert S. Mueller, III, Director FBI
54
Internal Security Audit
as part of KYC?
Daily Validation Reports
Daily Validation Reports – Sales Training – CONFIDENTIAL
Daily Validation Reports – responding to the insider threat
Banks need to verify the integrity of payments across back-office and interface systems
This is a separate problem from need
to detect channel fraud (e.g. internet
fraud or false-invoicing)
Daily Validation Reports is a control to help mitigate the insider threat
SWIFT DVR USAGE
Validate you daily
inbound or outbound
traffic
Focus your investigation
and quickly identify
anomalies
Daily Validation Reports – CSP – Transaction Pattern Detection – Nov 2016
Validates your daily traffic
High variation in traffic
compared to average – does
not match records!
Currency
report
SWIFT DVR USAGE
Validate you daily
inbound or outbound
traffic
Focus your investigation
and quickly identify
anomalies
Daily Validation Reports – CSP – Transaction Pattern Detection – Nov 2016
Identify suspicious transactions & focus your investigation
Uncharacteristic high value or
high volume transactions
Counterparties
Daily Validation Reports – CSP – Transaction Pattern Detection – Nov 2016
Quickly identify new payment flow combination
New payment flow not seen in
the last 24 months New
Counterparties
Daily Validation Reports – CSP – Transaction Pattern Detection – Nov 2016
CHEATSHEET: How DVR can help identify fraud – A fictitious scenario
Attackers gain access to the back office systems of Bank X and send fraudulent payments.
A total of $150M in fraud is sent from Bank X to accounts in Bank Y ($100M) and Bank Z ($50M).
Statements are intercepted by malware in Bank X’s environment – payment records are wrong!
Payments to Bank Y are uncharacteristic, values are usually lower!
There have been no previous payments to Bank Z
Bank X Bank A
Bank Y
Bank B Bank Z
11 fraudulent
payments
totalling $150M
1 fraudulent
payment
of $50M
10 fraudulent
payments
totalling $100M
Identifies new counterparties
Validates activity
Highlights unusual payments 1
2
3
1
2
3
DVR Benefits
Validates Back-office
Detects Incident response
with
• Uses SWIFT’s record of
institution traffic
• No reliance on integrity of
internal systems
• Identify deviations from
usual
• Highlights new
relationships
• Daily refresh for quick
recovery
A simple, secure way to validate your SWIFT transaction activity and
understand your payment risks
Secures Data protection
with
• Centrally hosted
• SWIFT.com protected
access
• Out-of-band
Daily Validation Reports – CSP – Transaction Pattern Detection – Nov 2016
Conclusion
HOW TO TURN COMPLIANCE INTO A COMPETITIVE ADVANTAGE?
HOW SWIFT HELPS TURN COMPLIANCE INTO A COMPETITIVE ADVANTAGE: Conclusion
REDUCE YOUR COMPLIANCE COSTS
REDUCE YOUR RISK PROFILE & IMPROVE RISK MONITORING
COMMUNICATE TRANSPARENTLY
COMPLIANCE ANALYTICS
SANCTIONS
List Monitoring
SWIFT will send an email to subscribed users
whenever a specific list has been updated
FREE service!
Subscribe for free Here
SWIFT Compliance: MERRY XMAS from SWIFT’s SANTA
Thank you
NSS – Demo
Top Related