Subscribe to our blog

Get ahead with our award-winning insights on the latest developments in the fraud and compliance landscape. Enter your email below to receive our blog posts directly to your inbox.

Your company expanding is exciting, growing your client base is very exciting, but if you are the compliance officer or a compliance agent managing this growth in Excel spreadsheets, that excitement might be mixed in with worry and trepidation. After all, those spreadsheets can lead to fines from regulators.Financial institutions that need to perform transaction monitoring for anti-money laundering (AML) tend to start using spreadsheet tools like Microsoft® Excel to record, evaluate, and report to the regulatory bodies. Compliance officers become experts in tools like pivot tables to normalize data so that it can be analyzed and evaluated in an easier manner. 

However, as operations grow, the limitations of Excel become apparent very quickly. It typically doesn’t connect to Know Your Customer (KYC) data, or other tools. This means that the compliance organization is logging into multiple systems, transferring data from one system to another to get the whole story. Operations become tedious and inefficient, and the large amounts of data make it difficult to perform efficient reporting. Excel hampers thorough evaluation, and therefore also impedes the detection and prevention of money laundering.

Small companies fear the cost and learning time posed by compliance operations, so tend to stick with manual operations longer than they should. One of the first big pains comes when exams, either State or Federal, begin. As financial institutions (FIs) grow, the regulatory oversight also grows. We have seen small FI’s of only a few people fined for using spreadsheets as their transaction monitoring tool. Examiners are looking for a cohesive system that brings data together.

What examiners want to see

  1. Robust AML policies and procedures
  2. Your monitoring system
    They want to know that:

    • The rules and thresholds set in the system are in accordance with policies and procedures
    • There is an effective alert generation system in place. They will do this by looking at the alert generation methods, and run scenarios with different threshold settings to test the operational effectiveness of alert generation
  3. Reporting and filing methods
    • Historical daily, weekly and monthly reports of suspicious activity
    • Resolutions on items you allowed to go through
    • Details on exemptions
    • Timelines of what happens through alert generation through to review and filing

One company we began working with had previously received a finding and was fined over $10,000 by a US state because while they were performing transaction monitoring and had all their data in Excel spreadsheets, they couldn’t prove when their transactions occurred. They had timestamps in their database, but that wasn’t sufficient for the regulator who wanted all the data in one place.

Not only was this fine painful, but the finding required an inordinate amount of manual labor to try to resolve the issue. Moreover, any finding will be documented so that other States and the Federal Government will also look to ensure it has been resolved.

Basic transaction monitoring and reporting isn’t particularly difficult, and that is why spreadsheets are used at the beginning. But that functionality is very limited and it doesn’t scale.

Risk-based strategies for transaction monitoring are more effective for detecting suspicious activity while reducing false positives.  This means the framework for evaluating transactions has to be able to enable the operational workflows that consider the risk of the entity/individual behind the transaction and applies appropriate risk rules/models to their transactions.

RegTech platforms like IdentityMind’s make the operations of AML affordable, even for small growing companies. IdentityMind’s risk and compliance platform records all transactions, monitors them against regulatory rules to detect and alert on suspicious activities. It provides alert and case management capabilities and automated reporting of suspicious activity reports, making it easy to show an effective process to regulators. It has helped many small and large financial institutions go through exams in an efficient manner, and has stopped transactions that otherwise may have financially hindered their businesses.

Join us in our upcoming webinar to see how IdentityMind’s platform delivers all this on Tuesday February 13th at 10:00am PST. We’ll address the common reasons compliance officers are reluctant to part ways with Excel, and the ways Regtech solutions address them.

Registration is free, and if you can’t make it, you can always sign-up and watch it on demand later.

Kill Excel: Better Compliance Efficiency Through Regtech

Microsoft® is a registered trademarks of Microsoft Corporation in the United States and/or other countries.