Article
The cost of AML compliance: Why outsourcing may be the smart solution
Dec 11, 2024 · Authored by Ashley Farrell
Anti-money laundering (AML) compliance has been a cornerstone of the financial services industry for years, designed to prevent illicit activities such as money laundering and terrorist financing. Yet, despite its long-standing presence, the true cost of maintaining effective AML compliance programs is often underestimated, both by regulators and by financial industry leaders.
Beyond the obvious financial costs, which include major investments in personnel, policy development and technology, many organizations that are new to AML compliance fail to understand the significant time and resources required to implement and sustain robust compliance efforts that meet regulatory standards. With regulatory environments growing increasingly complex – we touched on this in the first article of our AML compliance series – and as enforcement becomes more stringent, the costs associated with AML compliance have become a critical factor for financial institutions to consider.
The simplest way to understand the true cost of compliance is to break it down into people, processes and technology.
From a personnel standpoint, an AML compliance team is likely going to require at least two employees at a minimum – an analyst to handle monitoring and investigations and a director to oversee the process and review the findings.
The size of the organization and the level of risk involved determines the workload for the employees focused on AML compliance. In some cases, they may not have to be focused full-time on AML compliance; in other instances, two full-time employees may not be sufficient.
In either case, technical expertise and regulatory knowledge are not requirements that should be taken lightly during the hiring process. Simply put, these employees need to know what they’re doing. They need to have background in AML regulations, including FATF guidelines, the Bank Secrecy Act (BSA) and other relevant compliance frameworks, as well as background in risk management (ideally in identifying, assessing and mitigating financial crimes). They also need to have the required Certified Anti-Money Laundering Specialist (CAMS) certifications. Lastly, and often overlooked, the employees need to have significant availability. AML responsibilities can’t simply be tacked on to a team member who already has their hands full, or one with little-to-no experience in financial fraud and AML compliance.
Obviously, there are a significant number of tasks involved in AML compliance, some of which are ongoing responsibilities and others that are specific to the beginning of an organization’s AML compliance journey. At a high level, the tasks generally fall under three buckets:
· Program governance and ongoing support
· Customer due diligence
· Transaction monitoring and suspicious activity reporting
However, within each of those three buckets, it is important to understand the timing and effort required on the organization’s part. Here is a high-level summary of the primary tasks involved with AML compliance and the timing and effort generally associated with each.
Clearly, AML compliance is not something that a CFO (or anyone) can do in their spare time. The list of activities is vast – many of them require meticulous deliverables – and the collective level of effort would be overwhelming for a single employee and likely impossible for a part-time employee to handle.
It is also critical to consider internal components such as the development of procedures for reporting and escalation, the prioritization of ongoing training and development and the effective integration of AML compliance with other departments, such as legal, IT, procurement/vendor management, product development, corporate development, and all front line customer facing teams to ensure a seamless flow of information throughout the process.
While it’s costly to hire experienced professionals who can run your AML program effectively, and the processes involved are extensive and time-consuming, the technology component should not be taken for granted.
In short, there are certain tools that you simply need to have – and these tools are not inexpensive. For certain small-to-medium sized entities, the costs can be significant or even burdensome. And if you’re thinking that maybe increased technology could effectively replace some or all of the personnel needs discussed earlier, you’d better think again. The technology component is a critical piece of the puzzle.
The technology that would likely be required as part of an AML compliance program includes:
· Know your customer (KYC) software: A solution that checks the Office of Foreign Assets Control (OFAC) and other sanctions lists, Politically Exposed Persons lists, and adverse media
· Customer identification tool: Software that helps verify the identity of your customers
· Electronic customer file: A tool for maintaining 360 degree views of customers, including all onboarding, CIP, CDD/EDD, and KYC information, and for performing customer risk rating and periodic reviews
· Transaction monitoring software: A tool that ingests transaction information for customers and flags suspicious activities The cost of these technologies could exceed $100,000, but it’s important to note that AML technology – not to mention the other components we touched on earlier – are not a static cost. There is a constant evolution of new money laundering typologies (and innovative fraud-fighting technologies) to combat new types of fraud and nefarious methods that are infiltrating the marketplace. In addition, as organizations grow in size and complexity, the need for global AML functionality increases as well.
As a result, AML compliance is not just a “set it and forget it” situation. The people you put in place need to receive regular training and maintain certifications. The policies must constantly evolve to reflect
changes in financial crimes and the associated regulations, as well as your own evolving risk profile. And the technology component never sits still, as the tools must develop at a rate that outpaces the fraud they’re designed to combat.
Outsourcing: An attractive option
The total cost of AML compliance factors in the people (finding, hiring, training and paying them), the processes (creating, preparing and performing them throughout the year) and technology components (investing in the software and learning how to use it). When you consider the sheer cost of these factors, outsourcing becomes a highly attractive option for many institutions.
With the wide array of the AML costs in mind, we deliver outsourced compliance services in an efficient manner that saves organizations time, energy and money. In some instances, organizations hire us to take over their entire AML compliance process. On the other hand, some organizations prefer an AML à la carte approach where they pick and choose the services that meet their needs.
In either case, Baker Tilly absorbs these costs as part of our AML compliance services, allowing you to focus on what you do best.
Meanwhile, our CAMS-certified, on-shore professionals take care of the rest. We incorporate best practices, innovative strategies and emerging technology. After all, the AML compliance process can be expensive, time-consuming and overwhelming, so it makes sense that many organizations view outsourcing as such an attractive option.
To discuss how Baker Tilly can ease your AML compliance journey