Introduction
The Legal Sector has been captured under the new AML Regulations (Anti-Money Laundering and Countering Financing of Terrorism Act 2009) for just over 90 days and we have had time to measure the success and failures of AML Programmes. Organisations Dimension GRC have spoken with have indicated they are reviewing their programmes to remove log-jams and adjust assumptions to get back to ‘normal’ billable hours.
Customers have told us that the time it takes to identify a customer and complete risk profiling is a major hurdle slowing the firm’s ability to commence work for clients. This is taking resources from client work, increasing the cost of compliance and causing frustration.
By now firms have completed the Risk Based Assessment to understand the risks customers, products and geographies pose to the Partners and have developed their AML Programmes to document the policies, procedures and controls to mitigate or minimise those risks. This, however, is just the first step to ensure compliance.
Practice Managers face competing objectives. Their task is to implement the programme while minimising the impact on clients, the Partners and the firm. This can be a difficult task without focusing on simplification, standardisation and automation.
Enterprise Wide Risk Management
An effective Risk Management Program measures the risk but should identify opportunities; whether that be streamlining processes to improve speed to billable hours, to reduce compliance costs, reduce duplication of activities or to pivot resources from one product, sector or market to another. An integrated risk model should consider coordinated governance across the practice’s partners in line with the firms strategic objectives.
Steps to Improve Efficiency
The Department of Internal Affairs has estimated the average cost of identifying a customer manually is NZD54.00. The cost itself is not the greatest concern for many of the lawyers we have engaged but lost hours is the true cost. Firms are required to have the Know Your Customer process complete and understood before they are permitted to commence work for clients. Every hours delay in on-boarding a new matter decreases the optimal efficiency of the firm.
Streamlined approach to gathering information and reducing the touchpoints for customers improves speed to service. Transforming and automating the firms AML policies, procedures and controls reduces the cost of acquisition, protects the customer experience through the on-boarding process, ensures appropriate record keeping and enables the firm to manage demands on the Practice Manager and Partners.
What do I need to do to be compliant
The Risk Based Assessment and the AML Programme set the scene for how to manage risk but imbedding the programme into the firm will move towards protecting the firm from organisational, reputational and financial risk.
The firm will need:
· Appoint a compliance risk officer;
· Complete the Risk Assessment;
· Develop the Programme based upon the outcomes of the Risk Assessment;
· Know Your Customer with appropriate Customer Due Diligence processes;
This includes Customer or Matter Profiling:
– Identification of customers;
– Completing Enhanced Due Diligence for High Risk customers including Politically Exposed Persons, Sanctions and Adverse Media; &
– Know the Source of Wealth or Funds.
Ensure the Firm actions Ongoing Due Diligence
– Completing Transaction Monitoring & Customer Reviews.
Record keeping and reporting is a must. Records should be sufficient to reconstruct the identity of the client, the transaction or the matter. This will includes appropriate escalation processes including lodgement of required;
– Suspicious Activity Reporting
– Prescribed Transaction Reporting
– Complete Staff vetting and training with a focus on continual professional development.
How do I get the best outcome?
Simplification
Removing the need to review reams of data, multiple spreadsheets and customer files is key. The value is in the human input. Compliance Managers should dedicate their time to reviewing the risks and let AML Software find the anomalies that need attention.
Having the ability to manage real alerts and minimise false positives is important to managing risks.
Standardisation
We know from our own experience as customers how important it is to get the customer experience as seamless and customer centric as possible. A good onboarding experience will be customer focused, enterprise wide and integrated across the firm. Accelerating the onboarding process through standardisation and simplification will improve productivity and reduce non-billable workloads.
Automation
Time is money and when it comes to time, AML / CFT tools should be doing the heavy lifting.
Practice Managers are heavy on the workload and Partners and lawyers are under pressure to commence work with the clients – every billable hour counts. AML software for lawyers, including machine learning, presents a wholistic approach to identifying and evaluating suspicious activity, leaving valuable time for compliance managers to deal with more complex tasks requiring more complex escalations and resolutions.
Opportunity Awaits
The impact on Practice Managers, lawyers and Partners was greater than anticipated and greater efficiencies can be a quick win with an affordable solution. We are hearing from partners that after reviewing their AML Programme there is scope to move towards greater automation, greater standardisation of processes and controls, and use technology to bring this all together.
Practice Managers have told us they are seeking:
- A firm wide platform for customer onboarding, suspicious activity monitoring, client insights and monitoring and seamless Suspicious Activity Reporting (SARs)
- Automated Insights to reduce the time to identify Suspicious Activity with notifications of necessary alerts reducing the cost of compliance.
- An open data model to utilise expertise across a wide range of third-party data provides, including politically exposed persons white lists and black lists, sanctions and adverse media from a single dashboard.
- Quality Data with a layered approach across the practice to identify customer and transaction behaviours and matter insights.
- A task management solution to streamline analysis, resolution and regulatory reporting in a single, unified dashboard.
- Ability to manage global, multinational regulations, guidelines and best practices from a single solution.
- Record Keeping to enable firms the ability to defend the models they use to automate analysis. Reconstructing the clients identity, transactions and matter activity is essential. Regulators will look to understand the rationale for actioning a task, including the escalation and resolution process.
Investment in AML software needs to serve the purpose for today and build for continual learning to improve and enhance governance and risk management. Technology, automation and standardisation will remove the pressures felt by the Practice Manager and offer the client a better on-boarding experience. This improved performance will get the firm billing faster with the customer at the centre.
Conclusion
Partners, and the legal sector as a whole, will experience increasing compliance and regulatory pressures for the next two to five years as the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 is implemented and modified to suit the New Zealand market.
It makes sense to have a cross-practice enterprise wide risk management programme that integrates AML compliance with the firms existing policies to address duplication, increase billable hours and standardise processes across matters. An integrated approach will increase time for billable hours and save money.