Why did Scandinavian banks have major global AML Compliance issues?

The Role and Responsibility Of the Board and Senior Management in Cybersecurity and Data Protection
January 15, 2019
Technology and non-stop connectivity for GRC concerns for improved performance
August 18, 2019
Several esteemed Scandinavian Banks, big and small have been involved in Anti Money Laundering (AML) and Know Your Customer (KYC) non-compliance that resulted in the nickname of the Scandinavian Laundromat. The key to all dedicated Governance, Risk Management and Compliance (GRC) effort is to connect the silos in the organisation and centralise data management so that cross-functional teams can work together. The third step after the end of the silo-era is the introduction of integrated enterprise-wide GRC solutions is to avoid all manual and error-prone processes. The next sustainable step is to introduce Robotic Process Automation (RPA) for screening and transaction alert and Artificial Intelligence (AI) to reduce false positives – together with Machine-learning to enable the discovery of suspicious behaviour.

Generate early warning signals for suspicious activity

Traditionally the  Nordic region has claimed to have a superior track record in the corporate world, with high stability and very few instances of criminal activity.Perhaps this assumption resulted in the compliance departments being naïve to what goes on in the real world.

With the resources the big Nordic banks have it seems alarming that the lack of enterprise-wide 360-degree customer overview resulted in a high volume of false positive alerts and thus avoiding

customer due diligence (CDD), revealing the low quality of data, transactions and incompatibility for integrating structured and unstructured data.

It also seems quite strange that the Nordic banks did not launch a joint venture to develop AML, KYC and other GRC infrastructure with the other Scandinavian banks. The Nordic banks are comparatively small, slightly old fashioned similar in their management style and focus on the same type of large and medium corporate customers and then later expand the cooperation to the retail customers both home and abroad.

Artificial Intelligence (AI) to identify suspicious transactions

When siloed organisations respond to enterprise-wide risk, a lot can go wrong because every department responds in its own way to regulatory compliance. Even though it is inefficient doubling or tripling of the compliance efforts, it does nothing to distinguish the financial company’s compliance attitude and solutions to the gaps of non-compliance.

The recent trouble with all global oversight authorities and the continued increased regulation has caused frustration for senior management while middle management sought to lengthy processes for lenders, also creating some false narratives in their compliance efforts. The answer instead, must be the introduction of AI, Robotic process automation (RPA) and Machine learning.

Despite the fact that the above most Nordic Banks have done little to change the traditional organisation structure and continue with the silo management that hinders data sharing, accountability, and visibility in the essential elements needed for enterprise risk management.

At the one-day GRC Foundation,Compliance training program will build the above-stated compliance gaps on the corporate risk culture. After the certification examination, we will provide the participants with templates for GRC execution and monitoring. This GRC toolkit can be of incredible value to build and monitor GRC compliance and build GRC awareness, develop a platform for ethical culture, and establishing acceptable standards of GRC discipline, behaviour, and finally not only how to mitigate risks but how to use GRC intelligence for performance, profits and sustainability.