• silicon.com
• Management
• CIO Insights

By Carol Wheatcroft, 1 November 2007 12:31

COMMENT

The crackdown on financial crime has opened up opportunities for vendors to produce applications that automatically keep banks compliant with changing regulations. Carol Wheatcroft argues that hosted services offer a viable alternative to in-house development - even for such sensitive operations.

Life can be tough for vendors pushing software for a task customers don't really want to undertake. This is the challenge faced by many vendors of anti-money laundering (AML) software. But this is no hard-luck story because most vendors have found new ways to extend their products and open up new market segments.

Financial services providers are key in the fight against money laundering because they provide an access point to the world's financial systems. But they have no commercial reason for undertaking AML surveillance. Nevertheless, the fear of large fines for failure to comply with regulations, along with the risk of a damaged reputation, can encourage a global bank to spend more than $2m on an AML system.

Cheat Sheets

♦ Basel II
♦ MiFID
♦ Sarbanes-Oxley

Several major banks have received, or are under threat of receiving, hefty fines for this reason. For instance, global banking group ABN AMRO was fined more than $80m in December 2005 and has reportedly set aside a further $498m in anticipation of a second fine from US prosecutors. The prosecutors also recently filed a $130m lawsuit against Lloyds TSB, alleging the bank had knowingly helped to launder proceeds from a large securities fund.

The tough regulatory stance adopted in the US is a boon for AML software vendors that have recognised the increasing pressure on tier two and three banks to improve surveillance of money laundering. These smaller financial services providers have until now relied on some automation - often developed in-house - and a variety of sampling techniques to address AML surveillance.

But canny vendors have shown the regulator the depth of institutional surveillance they can achieve and thereby raised the bar all round. To make the newer surveillance technology more affordable, at least three vendors have begun to market hosted products or software as a service (SaaS).

Falling costs for bandwidth and improved software delivery models have provided the general spur for growth of SaaS but there had been little evidence this type of service was adopted for compliance solutions.

Issues of data integrity, disaster recovery and security will weigh heavily on the minds of decision makers. On the surface these reasons alone seem likely to deter a heavily regulated sector from considering SaaS for operational areas where they could face significant fines for failure to comply.

However, 2007 has brought a change and an increase in the number of vendors marketing hosted AML solutions to the wider market for compliance information services, know your customer (KYC) and transaction monitoring - especially in the US.

Vendors claim total cost of ownership of their solutions is at least 30 per cent lower than the cost of a licensed in-house product - enabling them to deliver more benefit for lower cost.

In addition, they have adopted many of the practices used by professional services providers. For example, they have had their delivery systems and procedures verified by external audit and are willing to accept service-level agreements in contracts. Acquisition by or in partnership with large, respected industry players that host the solution, provides financial services providers with additional confidence that SaaS models will not land them in regulatory hot water.

It is unlikely SaaS delivery models will appeal to large global banks that can gain greater economies of scale by adopting a holistic approach to their programmes for fraud risk and compliance. But even in this case, vendors have recently completed a number of mergers and acquisitions to widen their offerings beyond AML and KYC to cater for a market shift towards enterprise-wide case management for alerts of potential cases of fraud or money laundering.

Ultimately, SaaS AML will only ever appeal to a relatively small, niche market.

To date, take-up of SaaS AML products has been mostly in the US. The key to the extent in which the market will develop in Europe lies with the regulators. If they adopt the tough stance of their US counterparts, it is likely that a market will emerge.

With adoption of the EU Third Anti-Money Laundering Directive by all member states by 15 December 2007, there is likely to be increased regulatory action. Life may not be so bad for purveyors of AML software after all.

Carol Wheatcroft is European banking and payments analyst at Tower Group