The purpose of performing case-to-case investigation is to ensure that each case is appropriately investigated and relevant evidence is gathered to conclude the case. The ML/TF case investigation is a process that involves the review of historical financial transactions and other related information, to identify the root causes of the ML/TF event that occurred in the entity. It involves the analysis of various conditions that highlight the breaches of internal controls, and any possible management bias for the actual financial crime incident.
The identification process is also a forward-looking activity to assess the possibilities of the reoccurrence of financial crime incidents. To assess the reoccurrence of ML/TF activities in the future in any particular department or function of the company, the investigators analyze the historical as well as current financial crime trends and incidents, to establish the inter-connections between them. This connection assessment helps in the prediction of possible future fraud incidents.
Purpose of Case-to-Case Investigations in AML Compliance
Investigation of transaction alerts generated during the period is performed by the Compliance AML team, which checks the risk profile of the customer against the transaction generated as an alert. In case the detail of the risk profile is not matched with the transaction, the information is obtained from the customer about the nature and purpose of the transaction. If the customer provides appropriate feedback that matches the transaction, then the AML team marks the alert as close. In case the customer does not provide a satisfactory response or hides the information then the transaction is considered suspicious.
Institutions focus on transactions for incorporation in the narrative part of the suspicious activity report (SAR), and in some cases, the managers and investigators usually are from the background of the regulatory job who have experience with ML and financial investigations and possess knowledge about the relevant regulatory requirements.
Transaction investigators also participate in monthly group meetings that provide the ability to discuss issues across various channels. A business group discusses cases or new trends discovered. This allows for cross-training to understand the ML risks that exist within the different processes. Once a transaction alert is generated by the monitoring system, 6 months of account activity is reviewed. Once a decision is made to initiate an investigation, the alert is entered into the bank’s case management system. At this point, the timeline for filing a suspicious activity report (SAR) starts.
Different tools are used to track the relevant information for the preparation of SAR and its filing. The information may be the transaction data, customer profile data, and related account activity and information. The system allows the monitoring analyst to check other information databases to pull all available information together into a concise form for analysis, management review, and approval. Investigators focus on determining where the money came from, what happened to it while at the bank, and where it went when it left.
After the filing of the SAR, the bank conducts a post-investigation to determine if suspicious activity continues and if a supplemental SAR is required. In case of a second SAR, the account closure process is required to be initiated. The bank uses the suggested SAR filing tool, to include investigative details before proceeding and/or submitting the SAR.
If a SAR is not filed, then the investigator reflects this as an “unfiled case.” Supporting documentation as to why the SAR is not to be filed is included in the respective customer file. An indication as to whether or not the account will continue to be monitored is also mentioned, for reference purposes.
To detect incidents of crimes such as fraud, all the processes and activities are studied to find the controls weaknesses, and possible avenues, which are exploited by the employees or other stakeholders. Financial crime detection is an ongoing process that is performed to assess the possibility of the occurrence of fraud in any particular area of the department.
For investigation purposes, the investigation team may use a database built to record the details of ML/TF risks and incidents, including the details of the progress of their previous investigations. Such databases must be analyzed and monitored on an ongoing basis. This helps management in understanding the reasons and causes of ML/TF incidents, therefore, management establishes and implements relevant processes and procedures to prevent the occurrence of similar ML/TF activities.
The compliance team may be held responsible for periodic review and updating of the database to ensure that it remains current and relevant for future ML/TF risks identification and management. The database may be based on different parameters to highlight the criticality of the ML/TF risks and incidents.
Case-to-case investigations are a crucial aspect of Anti-Money Laundering (AML) compliance. The purpose of these investigations is to identify, investigate, and report suspicious activities that could be indicative of money laundering, terrorism financing, or other financial crimes.
AML compliance programs require financial institutions and other regulated entities to implement policies and procedures for detecting and preventing money laundering and other illicit financial activities. One of the key components of these programs is to establish a process for conducting case-to-case investigations to identify and report suspicious transactions.