The IBA WGR on AML/CFT 2010 : Alert Generation

Summary Chapter 6: Generation of Alerts


Alert generation involves applying scenarios and risk factors to detect potentially suspicious activity. Effective alert generation is critical to the quantity and quality of the STRs generated by the bank. Indicators are circumstances that point to the suspicious nature of transactions. Suspicious transactions may be detected from one indicator or a set of indicators.

In the new reporting format specifications, the banks are required to provide information about the source of alert and the alert indicator(s) for detection of suspicious transactions. The explanation of the suspicion related details is provided in Appendix-D of the IBA Working Group report 2009.

 

Banks should have adequate processes and systems for detecting transactions and reporting suspicion, both where it is identified by employees at branches/departments and where it is identified using alert generation software.

 

Identification of Suspicious Transactions by Branches/Departments

 

Certain types of transactions can be identified at the branches/departments and are more likely to be related to the following sources:

 

Customer Verification (CV): Detected during customer acceptance, identification or verification, excluding reasons mentioned in other codes (e.g., use of forged ID, wrong address, etc.)

Law Enforcement Agency Query (LQ): Query or letter received from a law enforcement agency (LEA) or intelligence agency (e.g., blocking order received, transaction details sought, etc.)

Media Reports (MR): Adverse media reports about customer (e.g. newspaper reports)

Employee Initiated (EI): Employee raised alert (e.g., behavioural indicators such as customer had no information about transaction, attempted transaction, etc.)

Public Complaint (PC): Complaint received from public (abuse of account for committing fraud)

Business Associates (BA): Information received from other institutions, subsidiaries or business associates (e.g., cross-border referral, alert raised by agent, etc.)

The list of commonly used alert indicators for detection of suspicious transactions at branches/departments is given in Appendix-E. The first two characters in the alert indicator code denote the source of the alert as mentioned above. Banks are also encouraged to apply additional alert indicators to address specific risks faced by them.

To fulfil its obligations under the PMLA, the bank has to report these suspicious transactions. To enable seamless reporting without burdening the staff with the additional requirement of investigating the case and establishing suspicion, a designated email ID or portal may be made available to the staff at the branches to log the details of the suspicion identified/attempted transactions.

The AML Cell should access the e-mail/portal. Once the e-mail is received or the details are logged in the portal, the centralised AML Cell should consider creating manual alerts in the AML software. Where required, the AML Cell should review the KYC documents obtained at the time of opening the accounts, the transactions in the account, etc., and obtain any additional information required from the branches to arrive at a decision. Creating a manual alert allots an alert ID to each case in the AML software, which in turn helps in 'case management'.

The review/investigation process to be followed is the same as for alerts generated through the AML software, which is detailed in the section below.

 

 Identification of Suspicious Transactions at Centralized AML Cell

 

All banks are required to implement a sophisticated 'AML Software' application that throws transaction monitoring alerts which can be centrally analysed by the Central AML Cell. This is an important requirement for a robust transaction monitoring system, especially in view of the high number of transactions that banks handle every day, which makes manual monitoring increasingly difficult.

 

The RBI circular requires every bank to put in place an appropriate software application to generate alerts when transactions are inconsistent with the risk categorization and updated profile of customers. Robust software that throws alerts is essential for effective identification and reporting of suspicious transactions (para 2.19(iv)(d) of the circular dated July 01, 2010).

 


An AML/CFT software solution should provide an interface through which data from the core banking system is uploaded into it on a daily basis. The software must generate alerts based on this information. The software should also be compatible with the core banking system, and scalable and upgradable to meet the changing face of banking. For the key features that should be available in the AML software, banks may refer to the guidance note on Know Your Customer (KYC) norms and Anti-Money Laundering (AML) standards published by the Indian Banks' Association – Features that should be available while selecting software.


The identification of suspicious transactions at the centralized AML Cell using alert generation software is more likely to be related to the following sources:

 

Watch List (WL): The customer details matched with watch lists (e.g., UN List, Interpol List, etc.)

 

Typology (TY): Common typologies of money laundering, financing of terrorism or other crimes (e.g., structuring of cash deposits, etc.)

 

Transaction Monitoring (TM): Transaction monitoring alert (e.g., unusually large transaction, increase in transaction volume, etc.)

 

Risk Management System (RM): Risk management system based alert (e.g., high risk customer, country, location, source of funds, transaction type, etc.)

 

The list of commonly used alert indicators for detection of suspicious transactions at the centralized AML Cell using alert generation software is given in Appendix F. The first two characters in the alert indicator code denote the source of the alert as mentioned above.

 

Banks will have to select appropriate number and value thresholds before implementing the alert indicators using alert generation software. Banks are also encouraged to apply additional alert indicators to address specific risks faced by them.

 

Implementation Approach

 

Banks should assess their existing capability of alert generation and take steps to implement relevant indicators in a time-bound manner. The alert indicators are broadly segregated into two phases to assist banks in planning a phase-wise implementation.

 

Phase: Short term (within 12 months)

Implementation of alerts:

All relevant alerts under Customer Verification (CV)

All relevant alerts under Law Enforcement Agency Query (LQ)

All relevant alerts under Media Reports (MR)

All relevant alerts under Employee Initiated (EI)

All relevant alerts under Public Complaint (PC)

All relevant alerts under Business Associates (BA)

Alert Indicators WL1.1 and WL1.2 under Watch List (WL)

Selected alerts under Transaction Monitoring (TM)

Selected alerts under Typology (TY)

Selected alerts under Risk Management System (RM)

Phase: Medium term (within 36 months)

Implementation of alerts:

All remaining alerts under Watch List (WL)

All remaining alerts under Transaction Monitoring (TM)

All remaining alerts under Typology (TY)

All remaining alerts under Risk Management System (RM)

 

 



Happy Reading,

