Cybersecurity and cybercrime have emerged as the top threat for financial crime professionals, and regulatory scrutiny ranks as the largest challenge for compliance programs, according to the results of a just-released ACFCS member survey.
ACFCS polled its member base to dig into the top risks, concerns and pain points for financial crime professionals. Respondents included compliance officers from a variety of institutions, including predominantly banks at nearly 62 percent, but also large corporations, law enforcement, financial services regulators and service providers.
One of the most eye-opening statistics uncovered by the survey: 15% of respondents stated their organization has fully converged its financial crime detection and prevention functions, while 55% said their organization had started down the path even if they haven’t fully integrated functions like anti-money laundering (AML), fraud and cybersecurity divisions.
The survey touched on how financial institutions are dealing with wider trends, such as more creative criminals and hackers and more intense regulatory rigor in exams.
Part and parcel of the survey was to garner a better understanding of what the association can do to further improve results in financial crime detection and prevention for professionals at all levels, from tellers to top management, junior analysts to senior investigators.
Here are some of the findings of the survey:
Cybercrime is having its moment in the spotlight
When asked to rank the areas of financial crime that presented the biggest challenge currently, 34% of respondents chose cybersecurity, ahead of money laundering at 24% and fraud at 19%.
In a year marked by revelations of massive data breaches like the ones that struck Yahoo and LinkedIn, and growing recognition of emerging threats like business email compromise schemes and ransomware attacks, it is perhaps not surprising that cybersecurity should take the top slot.
It also reflects the growing intersections between cybersecurity and IT roles, and compliance roles like AML and fraud, as best exemplified by FinCEN’s recent guidance on information-sharing and collaboration to prevent “cyber-enabled” frauds.
Convergence in some form has gained widespread adoption
As mentioned, a full 70% of respondents stated their organizations had either fully converged or converged some functions responsible for financial crime detection and prevention. An additional 17% said their organization had plans to converge, but it hasn’t happened yet.
Only 13% said their organization had no plans to embark on a convergence of financial crime functions at this time. The results reflect the ongoing expansion of a trend that began with the merger of AML and fraud departments at some institutions nearly a decade ago.
Rising liability for compliance roles has had an impact, but how severe is unclear
With so much fear and uncertainty tied to the liability of compliance officers, the association had to find out what affect those government initiatives were having on the ground with the question, “How is the trend of rising personal liability for compliance officers affecting your program?” The most popular answer at 33% was “no impact” (Further, 32% responded that the question was not applicable – most of these were individuals who were not in compliance roles).
However, 10% of respondents indicated that the bullseye now hanging over compliance officers has made it harder to hire and/or retain staff at senior levels, and 25% stated it was harder to do so for staff at all levels.
While liability concerns may not be leading to a doomsday scenario for compliance staffing, as some predicted, they are clearly having an impact.
Compliance professionals are feeling the regulatory pressure
Heightened regulatory expectations are a perennial headache for compliance officers, and based on survey results, few would argue that they’ve tapered off in 2016. On that end, 25% of respondents named “pressure and scrutiny of regulators” as their organization’s top challenge.
Even so, the regulatory microscope was only one of a myriad of challenges reported by all financial crime professionals, not just compliance officers.
Lack of budget, complex technologies and staffing shortfalls also ranked highly as challenges, each garnering slightly more than 17% of responses apiece.
Here are some examples of questions and responses:
What are the biggest challenges currently at your organization?
|Answer Choices –||Responses –|
|Lack of budget||17.50%|
|Insufficient staffing levels||17.50%|
|Lack of qualified staff||7.50%|
|Complexity of technology||17.50%|
|Pressure and scrutiny of regulators||25.00%|
|Rising risks of liability||15.00%|
Which areas tied to financial crime would you say are the biggest challenge right now? Please rank them, with one being the most challenging and six the least challenging.
For financial crime compliance roles, which area do you find is receiving the greatest scrutiny from regulators?
|Answer Choices –||Responses–|
|Customer due diligence (CDD) and know-your-customer (KYC)||43.90%|
|Risk assessments, scoring and the accuracy of the back-end methodology||29.27%|
|Tuning, accuracy and related model validation of transaction monitoring systems||12.20%|
|The quality of SARs/STRs and reasoning behind SAR/STR decision-making||12.20%|
|The experience of staff, particularly at more senior levels||2.44%|