Several news stories1 of insider trading that surfaced during the COVID-19 crisis have once again shone the spotlight on the topic of trade surveillance.
Proper surveillance of transactions is increasingly becoming deemed important by financial regulators across the world. Regulators today have stepped up their scrutiny on the compliance policies of financial institutions and corporations, and banks are required to be proactive in identifying and investigating potential cases of insider trading.
However, monitoring is a time and cost-intensive process, and banks are often inhibited by the increasing volumes of transactions, the prevalence of manual processes, and the rising cost of monitoring. These impediments are why the investigation process is a prime candidate for automation to streamline the process while reducing the cost and risk of having potential fraud cases slipping through the cracks.
While many providers of trade surveillance engines also offer investigation tools or add-ons to supplement the investigation process, they often come at a higher licensing fee and may not be customisable to fit the needs of individual banks. Conversely, Robotic process automation or RPA has lower licensing costs, allows for faster implementation and configuration by the bank’s internal teams without major system upgrades or changes, and the process can be automated within weeks. The billions of dollars saved in fines from inadequate controls make an investment in the trade surveillance process a pragmatic choice for all banks.
The core issue faced by banks when complying with fraud-related regulations is that the investigation process is a highly manual and time-consuming one. The detection of a potentially risky transaction and the following investigation process can potentially take hours to conduct, although this varies broadly across different players and is mostly driven by the level of system support and automation built into the investigation process.
With low levels of system support and no automation, employees must comb through email chains and a multitude of unstructured data from various sources, making even the simplest of checks time-intensive to perform. Large and expensive teams are also needed to perform these repetitive and low cognitive-demand tasks.
Limited by resources and faced with large volumes of transactions a month, most banks redefine their sampling methodology and opt for a sample-based approach to keep up with the number of investigations without a significant growth of costs. This is usually done with a targeted or risk-weighted sample selection methodology where only the transactions with the highest perceived risks are sampled.
This approach of placing the monitoring capacity considerations before the risks is akin to placing the cart before the horse. It increases the risk of potential fraud cases going undetected and the banks incurring hefty penalties for the lack of proper surveillance measures.
Instead, the level of risk acceptable to the bank should first be defined, followed by the sampling methodology, and by extension, the sample sizes. Deciding the necessary investments in people and technology to match the defined sampling methodology should be the final stage in a prudent, risk, and compliance-focused approach.
In essence, RPA is an application governed by business logic and structural inputs that mimics human activities to execute processes automatically, repeatedly, faster, and more accurately. Businesses utilise RPA to automate tasks that require little to no cognitive effort as an effective cost and time enabler.
With the spotlight on insider trading and the potential costs of regulatory breaches, banks are under more pressure to perform their due diligence by monitoring and detecting potential insider trades executed by their clients.
The typical investigation process for insider trading, however, is laborious. It consists of extracting investigation alerts from the fraud-detection system, retrieving and aggregating relevant news, company and financial data required, and the analysis by the investigator. The bulk of this process is simple and tends to be at least partially rule-based, making it a prime case for streamlining through automation. As illustrated in Figure 1, five out of the six key steps of an insider trading investigation process can be fully automated. The last step of analysis can also be supported by RPA, and parts of the analysis can be prepared in advance by the robot, although most organisations prefer to have a human make the final decision on any given case.
While the data aggregation process of each alert takes as little as 10 to 20 minutes to complete manually, the large volume of 15,000 to 20,000 alerts processed by most banks each year adds up to a significant amount of time spent on a task that requires a minimum cognitive analysis. The automation of this step can free up the equivalent of up to 2.5 full-time employees to do more high-level tasks.
Some decision-making components of the resulting analysis process can also be performed by a robot. In cases where the defined risk values are well below a given threshold, these obvious negative cases can be closed automatically, leaving only cases where expert judgement is required to the employees.
Through Intelligent Automation and machine learning based on RPA, the robot can be trained to rank and prioritise cases that bear higher risks for a more focused analysis by the employees. With enough training based on past cases, the robot can apply a threshold to close false positives while also eliminating human errors.
Additionally, once deployed, a robot can work overnight to prepare the alerts from the previous day for investigation, allowing the employees to dive straight into the valuable analysis and decision-making part of the process when they start to work the next day.
The automation of significant portions of the insider trading investigation process heightens operational efficiency and investigation speed. The resulting increase in surveillance coverage and lower chances of human errors reduce the risk of failing to identify any insider trading transactions due to insufficient controls. Coupled with the considerable time and cost savings, the implementation of RPA in this use case makes it an extremely attractive solution.
The temptation to decrease sampling with narrower targeting is strong as it is easier to keep the process cost in check with lesser potential hits or transactions to investigate. This, as demonstrated above, is fundamentally risky.
Rather, banks should look at streamlining their investigation processes so that the surveillance coverage can be maximised. Adopting RPA is an effective, low-complexity and low-cost way to automate investigation surveillance processes and elevate operational efficiency, all while controlling risks and costs.
By spending less on resourcing menial work and more on automating controls, banks can then better regulate their risks without sacrificing surveillance coverage, giving them the opportunity to have their cake and eat it too.
Synpulse is dedicated to financial services and private banks, with many of our clients being major private banks in the Asia-Pacific region. Our expertise includes defining and implementing risk and controls frameworks, as well as the financial services process automation and system change management support that are crucial for a successful project. Specifically, we can help by: