We also have a strong customer data capability having integrated the wholesale banking customer and compliance data for a global banking merger and created a golden-source customer dataset across multiple brands for a major inter-dealer broker.The client data work we do is usually to identify common clients across multiple data sets and then integrate them into a golden source database. The integration exercise usually involves a data clean-up and remediation of client and client compliance data and files.
We also have a strong customer data capability having integrated the wholesale banking customer and compliance data for a global banking merger and created a golden-source customer dataset across multiple brands for a major inter-dealer broker.The client data work we do is usually to identify common clients across multiple data sets and then integrate them into a golden source database. The integration exercise usually involves a data clean-up and remediation of client and client compliance data and files.
We also have a strong customer data capability having integrated the wholesale banking customer and compliance data for a global banking merger and created a golden-source customer dataset across multiple brands for a major inter-dealer broker.The client data work we do is usually to identify common clients across multiple data sets and then integrate them into a golden source database. The integration exercise usually involves a data clean-up and remediation of client and client compliance data and files.
The difference between the two
A health check refers to a high-level review of the design of a framework and can identify major problem areas in a framework. A maturity assessment is more advanced and provides a detailed review of a firm’s framework which includes the testing of the effectiveness of the framework itself.
Health Check
Maturity Assessment
Review of policies relating to relevant regulations
Review of policies relating to relevant regulations
High Level mapping of policy to regulatory obligations
Detailed mapping of policy to regulatory obligations
Review all procedures relating to operational controls and map these back to the policies
Review all procedures relating to operational controls and map these back to the policies
High Level review of the regulatory framework covering relevant systems, processes and ensuring that governance is in place in order to meet current regulatory requirements
High Level review of the regulatory framework covering relevant systems, processes and ensuring that governance is in place in order to meet current regulatory requirements
High level review of all procedures and documents describing controls and processes (excludes control testing)
Review of all procedures, controls and processes including detailed controls testing.
Carrying out a sample review of the operational outputs (files, reports etc.) in line with current policy and procedures
Reviewing any risk methodologies applied in relation to the specific regulations
Reviewing and testing any monitoring programme - this will include system profiling and reviewing parameters, as well as sample checking the outcome.
Reviewing the firm’s reporting (regulatory reporting, SARs, STORs etc) and monitoring controls
Reviewing and testing the internal and external data inputs to the process and on-going review and escalation processes
Brief review of systems which the firm uses to benchmark to best practice
Brief review of systems which the firm uses to benchmark to best practice
Reviewing the training programmes
Reviewing the training programmes
Reviewing the data retention/record keeping arrangement in relation to its obligations
Reviewing the data retention/record keeping arrangement in relation to its obligations
Meeting with personnel in the 1st and 2nd line of defence to understand the processes they undertake and to ascertain the level of understanding of the regulatory requirements within
Presentation of detailed findings in report format
Presentation of detailed findings in report format including an assessment against the maturity of processes amongst similar firms in the market (market benchmarking) and its suitability for the firm's business mix and risks.
Increase effectiveness,
focus on efficiency
To optimise firms’ FC controls, require an increase in effectiveness of processes along with a dedicated focus on high efficiency which will facilitate sustainable processes to demonstrate effective FC controls under scrutiny.
Firms must also view the improvement of their FC controls as a good commercial investment by focusing on the business advantages these could have for the firm.
Developing Effective Financial Crime (FC) Frameworks
The following directional indicators provide a high-level overview of the implementation and ongoing assessment of sustainable FC controls.
Key Directions
Risks / Actions / Benefits
Assessment of FC risk & controls effectiveness (“FCRA”)
Understand the FC risk and the effectiveness of existing controls.
Create and maintain a library of existing FC risks & controls (tested & untested)
Conduct the mandatory annual FCRA, to drive decisions on: Improvements /transformations; Resources; Management of gaps and de-risking activities; Prioritisations and budgets; MLRO report.
Cost / benefit analysis and assessment of FC controls
Provide clearer understanding of the real cost of compliance.
Continuous risk/benefit assessment to drive controls enhancement and optimisation across FC operations (KYC/KYCC, TM, Screening, escalation);
Effectiveness of FC risk and controls reporting (MI – complete,
accurate and timely);Costs and impact analysis on:
De-risking – cost/benefit, strategy, action;
Customer experience
FC specialist resources and activities (FC ops)
FC activities as part of BAU.
Optimisation of FC controls - Sustainability
Improve the effectiveness and efficiency of FC controls driving sustainability.
Prioritisation & decision – FC governance - supported by complete, accurate & timely MI;
Budgets – Senior executive and board approval
Supporting resources planning for 6 months/12 months/3 years to
support:Lean FC governance and robust 3LoD structure and capabilities;
Clear and realistic objectives taking into consideration the 10
universal outcomes of Principled Performance;Adequate resources with the necessary skills and expertise to drive
high performance.
Automation focus on optimisation across:
FC operational activities; and
Assessment and reporting.
Assurance and Testing
Assess, measure, and provide ongoing assurance.
Development of assurance plan and control testing – assess and measure;
Reporting into a functional FC Governance structure to support decisions:
Executive decisions;
Committees & forums.
Escalation and decision on tactical/planned improvements.
