October 07, 2003

For two years, Rodney Bahr, like many IT execs in financial services, has focused much of his attention on money launderers. That's because Bahr, a principal at St. Louis-based Edward Jones, is in charge of cash operations at the brokerage firm. One of his tasks has been to make sure the firm complies with anti-money-laundering requirements of the U.S.A. Patriot Act.

"Some of the challenges have been the sheer volume of transactions that need to be analyzed and go through some sort of surveillance," explains Bahr. "You have to sift through that data and really focus on the (transactions) that propose a risk of suspicious activity."

The Patriot Act was signed into law Oct. 26, 2001, following the terrorist attacks of Sept. 11. It provided a wide range of new legislative requirements to fight money laundering and the financing of terrorist activity.

Section 352 of the legislation requires financial institutions to develop internal policies, procedures, and controls to guard against money laundering. Under the legislation, institutions also must track and report suspicious activities. Those provisions became effective in 2002.

Section 326 of the act requires firms to establish a customer-identification program for those opening new accounts. Firms have to maintain records on customer information, including the methods taken to verify the customer's identity. They also must check those customers against a list of suspected terrorists.

Wall Street firms have been busy building systems to comply with the law and a number of vendors have emerged to help. "It's been a fairly sizable effort," says Edward Jones' Bahr, whose firm has built some of the apps internally and relied on external vendors for other portions.

Edward Jones built apps for "tracking cash equivalents and looking at the structuring of transactions," Bahr says, because the information was "embedded in all of our systems."

But the firm hired a vendor to help with systems needed for customer-ID verification because that task involves the comparing of the company's data against that held outside the firm, Bahr says.

Alfred Petrillo, senior VP of clearing operations at Jefferies & Company, a New York-based investment bank, elected to use an outside vendor to automate his firm's anti-laundering processes.

"We've always looked at new account set-ups" and "monitored fund movements in and out of accounts," Petrillo explains. "A lot of that was done manually."

Lists would be generated and checked and files sent to third parties for verification. After the Patriot Act, he "came to the conclusion that we needed some sort of platform to assist us." So Jefferies turned to Sybase.

"They minimize the mechanical effort," Petrillo says, and the software standardizes and scrubs information so the compliance team can more readily analyze it. "It gives you a lot of time to devote to looking at trends and historical patterns."

Most of the big financial firms have announced their anti-laundering plans, says Neil Katkov, a senior analyst with research firm Celent Communications. Mid-tier firms and small shops haven't, Katkov says, and "not all of them will."

Katkov recommended that financial institutions looking for a vendor make sure the company's technology covers three main areas.

* First is transaction monitoring, which includes scanning data in accounts and transactions and analyzing the information to identify possible money-laundering activity;

* Second is workflow, involving filtering information and checking-account holders and beneficiaries against watch lists; and

* Third, systems must be able to prepare the necessary reports to meet regulatory requirements.

Katkov examined 16 vendors for both transaction monitoring and watch-list filtering and identified those best suited to large institutions versus small.

For transaction monitoring and large institutions, top-ranked vendors included ACI Worldwide, Mantas, and SearchSpace. For small and mid-tier institutions, Actimize, Prime Associates, and STB Systems were cited as leaders.

Top vendors for watch-list filtering for small outfits were Americas Software, Bridger Systems, and Prime Associates. FircoSoft got the nod for large institutions.

Dale Simonson, a senior manager at the Chicago office of consulting firm Cap Gemini Ernst & Young, says one of the problems firms face in building their systems is understanding exactly what data regulators are looking for.

"A lot of brokerages are trying their best to meet the fairly vaguely worded requirements in a way that will pass muster with the various regulatory bodies," he says.

"Regulators have not been very good at giving any feedback," Katkov says, However, he says, as more firms file suspicious-activity reports and regulators build up a bigger history of what is going on, "I think regulators will start giving feedback."

Katkov says when it comes to money laundering, banks are more of a target than brokerages, which he estimates account for between 15% and 25% of activity, compared with 40% for banks.

But the technology to battle money laundering isn't cheap. "The primary solutions providers out there are quite expensive for the small broker-dealer," Simonson says.

Most larger institutions are turning to outside firms, Simonson says, "because they feel that if they get a vendor who is anti-money laundering compliant and recognized by regulators and readily accepted, they will short-circuit the review process."

This article appeared in InformationWeek, Oct. 6, 2003 http://www.informationweek.com/story/showArticle.jhtml?articleID=15201487