How Banks Can Align Their Transaction Monitoring and Screening Efforts to HKMA Guidelines

• The HKMA has released an update to the guidance on transaction monitoring, screening, and suspicious transaction reporting to help Authorised Institutions (AIs) mitigate risk exposure to money laundering and the financing of terrorism.
• AIs are expected to consider the best practices and key themes outlined in the paper to improve risk-based AML/CFT policies,procedures, and controls.
• AIs must design a system to generate reviews alerts and produce MIS reports, which may entail the adoption of rule-based detection and automation technology along with the integration of external data. The quality, consistency, and usefulness of STRs must be maintained to meet JFIU standards.

The AML/CFT guideline previously published by the HKMA provides recommendations for the development and implementation of transaction monitoring systems and processes. Authorised institutions (AIs) need to design a system that produces alerts and management information system (MIS) reports, as well as processes for the review of those alerts, to address suspicious transactions and abnormal patterns. There are five core elements that AIs must consider when designing and implementing their transaction monitoring systems.

AIs must carefully consider every aspect of their business to determine the degree of automation and sophistication needed for their screening system. Specific business units must be accountable for relevant parts of the system and processes to achieve performance consistent with their internal policies. As such, AIs are responsible for the maintenance of screening data and the handling of potential name matches. They must set appropriate system parameters and identifiers to reduce false positives and conduct ongoing reviews of all systems and processes.

We illustrate in the below diagram the four key themes observed in effective sanction screening systems, and what AIs should do to achieve best practice.

The HKMA provides guidance on maintaining the quality, consistency, and usefulness of suspicious transaction reports (STRs) to meet JFIU standards. Heavy emphasis is given to the content, structure, conciseness, and digital footprint information in filed STRs. AIs must provide this information in an editable format to facilitate JFIU’s processing and analysis.

HKMA addresses five key areas of STR, which include the following.

While the areas of transaction monitoring and screening are mature functions within the bank, the guidance and the recent actions taken by the HKMA provide various avenues that AIs can pursue to enhance their capabilities.

1 | Remediation of current operations

AIs need to perform a current state assessment of their systems and operations in accordance with the guidance published by the HKMA. They must align with senior management to determine the target state while taking scope, scale, and risk exposure into account. Then they must identify specific gaps and work towards remediation of their current setup.

2 | Independent validation of systems
AIs must engage a qualified external party to assist them in ensuring the purpose of their current operations. They can involve an external party to perform statistical threshold tuning and calibration, validate data quality and system implementation, and incorporate external data in current operations. AIs can investigate the use of additional external data sources to support their transaction monitoring and screening systems as well as the investigation and resolution of alerts generated by the system. The AI can directly use structured commercial data sources that are readily available. The sourcing and processing of unstructured open-source data can be done manually or automated using regtech solutions to increase operational efficiency.

3 | Using network link analysis
The current detection capabilities and investigation effectiveness of the transaction monitoring and screening operations can be significantly improved with the use of cutting-edge technology, such as entity resolution and network link analysis. It can help connect disparate data sources to provide a unified view of the risk associated with a customer. Such risk can be explored and visualised in a robust, transparent, and intuitive manner to drastically enhance the effectiveness and efficiency of investigations but also the quality of the STRs filed to the JFIU.

Synpulse is a global consultancy partner that delivers tailor-made solutions for a wide range of financial institutions. We can help guide your bank’s transformation journey by leveraging our extensive industry knowledge of AML/CFT regulations, strong connections with major industry players, and technical expertise to build world-class, technology-driven financial crime compliance (FCC) operations.

Extensive knowledge of AML/CFT regulations

• We can help you navigate the dynamic regulatory landscape with our strong grasp of AML/CFT related topics in the APAC region
• We have a deep understanding of global regulations and can provide guidance on alignment with global standards

Strong connections with major industry players

• We can leverage our strong connections with major RegTech firms to provide insights on technology, trends, and best practices for system and capability enhancement
• We know the challenges of key industry players when trying to integrate new regulatory technologies into their existing FCC operations
• We are familiar with the use and implementation of advanced technology such as network link analysis and can ensure a smooth transition to the use of such technologies

Experience in validation of FCC systems

• Our team has strong experience in the validation of various aspects of regulatory systems including data, system implementation, system performance and output and the use of artificial intelligence/machine learning
• We can leverage our strong understanding of regulatory expectations across APAC to ensure that the AIs adoption of such technologies is compliant with regulatory requirements