AML vs FATCA: Implementation synergies
This blog is co-authored by Jay Chandrakant Joshi (JayChandrakant_J@infosys.com)
Regulatory compliance has become a buzzword these days, with an increasing number of banks finding it difficult to keep pace with the constantly-evolving nature of the regulatory world (A survey by NICE Actimize, published in June 2014, indicates that only 48% of financial institutions have a strong "Culture of Compliance" 1). Keeping in mind that regulatory spending, strictly speaking, is a non-discretionary expense for financial institutions and does not contribute to revenue generation, the focus should be on developing a common (generic) framework that can cater to similar regulatory requirements, thereby ensuring efficient utilization of regulatory budgets.
The Foreign Account Tax Compliance Act (FATCA), a US regulation applicable to financial institutions across the globe, has certain similarities to anti-money laundering (AML) requirements and makes a good case for developing a common framework. Both regulations require banks to develop a strong Know Your Customer (KYC) culture - while AML-KYC focuses mainly on determining the customers' identity (occupation, country of origin, etc.), FATCA-KYC focuses on separating potential US customers from non-US customers with the aim of preventing offshore tax evasion.
Broad-level similarities between the two can be highlighted as below:
- Ongoing due diligence, which means that customers need to be continually monitored even after the onboarding KYC checks are completed.
- Enhanced due diligence for a specific set of customers (albeit different sets).
- Screening and classifying customer profiles with the help of specific business rules.
- Both regulations involve similar actors like a central data warehouse, a team of investigators, relationship managers and a customer communications team.
There are, however, some differences between the two as well:
- AML is a classification based on a risk-based approach while KYC is a classification based on US indicia.
- AML regulations are not standard (although they are broadly similar, they tend to differ from region to region) across the globe since AML laws differ from country to country. FATCA regulation is standardized (IGA 1, IGA 2 or Full FATCA), thereby ensuring that the KYC requirements for FATCA are also standardized.
- AML is transaction-based while FATCA is profile-based.
- Reporting for AML (filing SAR) is to be done on a case-by-case basis, while that for FATCA is done on an annual basis. Further, AML reporting is done to the local regulator while FATCA reporting is to be done to IRS (exception model 1 IGA).
Despite these differences, at a broad level, the data requirements for the two regulations indicate a good amount of overlap.
This commonality makes a very strong case for devising a generic framework that can help a financial institution reap the rewards of synergies. The advantages that a common framework may provide are:
- Simplified on-boarding procedure: Collect the FATCA data along that required for AML, thereby reducing the burden on customers by doing away with multiple forms during on boarding.
- Centralized data storage: Streamline the KYC framework and store all the KYC data in one location. This will help in extending the same data to any future regulations that are similar.
- Reduction in hardware costs: This is achieved by consolidating both data sets and running the business rules on the same server. Since the FATCA checks can be carried out at any point during the day, it can be scheduled as a part of daily end-of-day (EOD) processes to avoid any overlap, thereby optimizing performance.
- Lower personnel costs: Investigators can be trained on both FATCA as well as AML. Since, after the initial screening, the volume of customers for investigations is unlikely to be very high, the same set of investigators can be used for both regulations.
- The looming possibility of similar regulations in multiple countries/regions: For example, countries like UK and China planning regulations similar to FATCA, makes a strong case for developing a flexible framework that can be extended to any number of countries.
- The ability to leverage existing processes for FATCA rather than develop new processes from scratch will also result in considerable cost reductions. Most financial institutions already use third-party tools for AML screening, and most IT vendors have developed a FATCA engine. It may also be worthwhile to check the feasibility of an existing tool being extended to cover FATCA requirements as well.
As we can see, the nature of the similarities between AML & FATCA enables synergies in implementation that offers a significant scope for cost savings. However, the decision on whether to implement a common framework for AML and FATCA should be taken only after due deliberation and impact assessment. If the impact of either of these regulations on a financial institution is limited, it may be wiser to keep the frameworks decoupled and implement independent small-scale (in-house) solutions.