The SAS Anti-Money Laundering Enterprise - Research Paper Example

The SAS Anti-Money Laudering Enterprise I. Executive Summary The 9/11 terrorist attacks may have ushered in reforms in security implementation and defense administration (Walker, 2003). Efforts may have been doubled so as to prevent another tragic incident that would once again bring the world onto its heels. Resources that were originally directed towards a certain undertaking may have been intentionally skewed so as to permit the intensification of the United States’ effort to eradicate terrorist activities. Government officials have sought to establish legislative enactments aimed at toughening the stance of the United States against terrorism. But the fact remains that such changes have not been confined at the federal level. Private entities, such as banks, have likewise adopted means to curtail the prevalence of such terror campaign by implementing systemic and operational adjustments into their companies. Banks have been considered as indirectly associated to terrorist activities due to the role that such entities play as instruments of money laundering (Walker, 2003). A report released by the World Bank in collaboration with the International Monetary Fund in 2002 stated that the success of criminal enterprise had been largely dependent on their capability of “cleansing” their ill-gotten wealth by moving such gains through the slack and often negligent corrupt government extant around the world. The report also stated that through this leniency, terrorists have then gained access to legal means to expand their pursuits by providing them with a means to legitimize such tainted funds. Furthermore, the World Bank declared that the furtherance of terrorism may not be entirely be the gross consequence of money laundering as studies likewise prove that often, money laundering investment practices have been found to distort currencies and interest rates (World Bank, 2002). For this reason, it is vital to identify the major steps taken by banks and other financial institutions to curb the preponderance of money laundering. It likewise necessary to determine whether such steps undertaken by said entities are not only viable but workable and effective. a. What is the regulation? The SAS Institute Inc., a computer software producer based in North Carolina developed the SAS Enterprise Financial Crimes Framework for Banking, which is a series of software tools aimed at detecting and mitigating financial crime (BusinessWire, 2011). This SAS Enterprise is comprised of four (4) different sections, viz: (1) the ACH/Peer-to-Peer Wire Fraud; (2) the Card Fraud; (3) the Organized Fraud Rings; and, (4) the Anti-Money Laundering (BusinessWire, 2011). The last section or the Anti-Money Laundering considered as the most vital piece of the set as it pertains to a methodological advancement in information technology that detects and actually prevents money laundering (BusinessWire, 2011). The SAS Anti-Money Laundering is referred to as an enterprise solution that monitors suspicious activity through advanced analytics designed using the risk-based approach (BusinessWire, 2011). The base operational schematic of the enterprise is equivalent to a monitoring system that sifts through numerous transactional informations and singles out possible violators of the Anti-Money Laundering Act (AMLA) though the detection of suspicious behavior (BusinessWire, 2011). As soon as an irregular activity is discovered, the system will automatically send an alert to the designated officer regarding the said transaction (BusinessWire, 2011). The SAS Anti-Money Laundering functions as a multivariate technique of scrutinize all stored date as it automatically creates scenarios and risks factors utilizing available information and cross-referencing such to establish patterns and unusual behavior or activity (BusinessWire, 2011). Over-all the SAS Institute perceives four benefits of the SAS Anti-Money Laundering enterprise (BusinessWire, 2006). First is that it improves the accuracy of alerts. This is due to the fact that the SAS system is capable of creating scenarios that identify patterns (BusinessWire, 2006). As such, the system veers away from the sounding of the alert created by simple and low-risk transactions. With the complex schematic detail and intricate logical functioning of the SAS Anti-Money Laundering, corporations who opted it out will be rewarded with greater accuracy in monitoring accounts as it eliminates those low-risk activities and will distinguish only those with peculiar patterns of behavior (BusinessWire, 2006). The SAS Anti-Money Laundering enterprise is adaptable. This means that the acquiring entity may refine the set tools to key in the policies appurtenant to their own organization (BusinessWire, 2006). The users may feed in the information contained in their database and configure the behavioral pattern they wish to identify through a point-and-click interface (BusinessWire, 2006). Also, the said enterprise is a tool in improving the efficiency and effectivity of the conduct of an investigation through a precise and immediate reporting system. This is due to the fact that the SAS Anti-Money Laundering utilizes the risk-based approach, allowing only the strictest and most rigid analytical determination of suspicious accounts and disregards minimum to low risk behavioral patterns (BusinessWire, 2006). Finally, the SAS Anti-Money Laundering is capable of providing security by monitoring institutional risks. This means that the system is capable of matching the customer’s credit and risk scores to transactional behavior thereby establishing patterns in activity (BusinessWire, 2006). As such, a more in-depth analysis is afforded to the acquiring organization. Specifically, the SAS Anti-Money Laundering provides data management access and support allowing the maintenance of a structured and refined transactional map that delineates behavioral patterns and activities (BusinessWire, 2006). An alert generation process is likewise available and that it is customizable according to the acquiring corporation’s needs. Also, an enhanced risk detection and scenario analysis is included in the system limiting the sounding of the alarm to high risk activities only. The said system is also able to match the personal information and credit and risk scores of the client to the transactional data which creates a more in-depth perception as to the activity and its proponent account (BusinessWire, 2006). Furthermore, the SAS Anti-Money Laundering boasts of a watch-list matching, an integrated case management, efficient business analytics and simplicity in administration (BusinessWire, 2006). b. What is the purpose of the regulation? After the 9/11 terrorist attacks, the world became witnesses to the transformation of several of the public and private sector’s move to tighten its policies on security and safety measures (Enzer, 2011). Moreover, banks and financial institutions have seen it fit and just but proper to utilize the benefits associated with the technological age as they struggle to acquire the best software that would detect, mitigate and possibly eliminate illegitimate transactions equating to money laundering (Enzer, 2011). After all, this activity has been largely attributed as the single most potent factor that sustained the existence of terrorist groups all over the globe (Enzer, 2011). In this regard, the SAS Institute Inc. developed the SAS Enterprise Financial Crimes Framework for Banking which contains the SAS Anti-Money Laundering system. This particular system has been heralded as the top anti-money laundering (AML) software provider (BusinessWire, 2011) by the Aite Group’s “Global Anti-Money Laundering Vendor Evaluation: A Reinvigorated Market.” This particular system has been subscribed to by the Sky Financial Group, a financial services holding company located in Bowling Green, Ohio (BusinessWire, 2011). As a financial institution, the Sky Financial Group sought to improve their anti-money laundering facilities by acquiring the SAS technology thereby strengthening their AML compliance to the USA Patriot Act (The Washington Times, 2005). The USA Patriot Act was an act of the legislative that was signed into law by then President George W. Bush (Walker, 2003). This enactment was a response to the 9/11 terrorist attacks which basically reduced the restrictions imposed on communications, medical, financial and other similar records (Walker, 2003). As such, the SAS Anti-Money Laundering enterprise was designed in consideration of this legislative act (The Washington Times, 2005). II. Corporate Impact The acquisition of the SAS Anti-Money Laundering service will entail an encompassing transformation in an organization’s operational and systemic structure (Walker, 2003). In compliance to federal laws, there is a need to integrate such policy into the mandate of the organization (Walker, 2003). a. What will be the process for your organization to develop policies and procedures to monitor proactively for this regulation’s requirements? In order to ascertain that an organization will be able to ascribe to the requisites of the USA Patriot Act, there must be a designated group deemed as the risk assessment center that would monitor amendments to the said legislative enactment (Noe, 2006). Furthermore, a information technology department must be continually apprised of current developments in software and other related services (Noe, 2006). Collaboration between the two groups must be undertaken so as to afford the organization with the most efficient and most responsive system to account for the compliance to the said act. b. How will your organization structure and implement a clearly stated and widely understood employee-awareness training program for this regulation? Training and development programs have been widely considered as a vital aspect of an organization (Noe, 2006). As a result, new implementations, structural transformations and systemic modifications must be undertaken with the solid support of its human resources (Noe, 2006). As such, training and information drive must be the primal undertaking to be considered is such endeavor. The training activity must be undertaken first in the top level, beginning with the executives (Noe, 2006). The said officers must have an in-depth understanding as to the process involved in the system and a thorough awareness of the rationale for such enactment roughly translated as the ‘what,’ ‘for whom,’ ‘why,’ ‘how much,’ ‘when’ and ‘how’ (Noe, 2006). The middle management must likewise be provided with the knowledge concerning the intricacies involved in the enactment. However, the details may be toned down and involve only key aspects of the policy revolving on the ‘what,’ ‘for whom,’ ‘when’ and ‘how’ (Noe, 2006). The next step will be to conduct an all-out information dissemination drive on all of its employees. This only entails that ‘need-to-know’ aspects of the policy and would only constitute an organization-wide awareness (Noe, 2006). The most importance part of this information drive is the conduct of the training to the respective personnel directly involved in the conduct of the anti-money laundering activities (Noe, 2006). Considering that the SAS Anti-Money Laundering enterprise is an information technology software, this would largely require the participation and support of the IT department. Such involvement would relate to basic operational knowledge by the operators, to a more advanced understanding needed by the conceptualizing team tasked to perceive risk indicators and into a more in-depth and detailed comprehension of the entire undertaking for the supervisory and management group (Noe, 2006). III. Ethical Issues The enactment of the USA Patriot Act has sparked debates in the United States as well as in other countries around the globe. The relative laxity in the restrictions imposed upon by the said enactment has spurted the clamor of human rights advocates that such enactment tramples upon intrinsic right to privacy of an individual (Walker, 2003). However, the other side of the debate would call in the need to look into the general welfare of the society as being of primal importance and that sacrificing such trivial matter as the right to privacy is a matter of no contest (Walker, 2003). a. Are there any ethical issues associated with the regulation? The very idea of the SAS Anti-Money Laundering enterprise as being founded upon the principles set forth in the USA Patriot Act is enough to cast the ire of many human rights fundamentalists. The fact is that such software seeks to establish commonalities amongst several database establishing suspicious patterns that may or may not be illegal (Walker, 2003). The law practically permits organizations to look into the information of individuals to establish behavioral patterns that may be indicative of illegal activities (Walker, 2003). In this regard, the USA Patriot Act stands to contradict governmental policies calling for the protection of private information and the requisite permission from the concerned party should such information be obtained (Walker, 2003). However, since the USA Patriot Act is legally subsisting, then banks and other financial institutions cannot be faulted from utilizing the services being offered by such software technologies. It has become, after all, their duty to monitor their accounts and report to the government possible illicit transactions and suspicious behavior in transaction activities (Walker, 2003). As such, while the USA Patriot Act may be peppered with ethical considerations that it is argued to have trampled upon, the subscription of private entities to software technologies such as the SAS Anti-Money Laundering enterprise qualifies as a justified injustice. b. Are there any changes that your corporation must make from an ethical standpoint? In subscribing to the SAS Anti-Money Laundering enterprise, there is very little need to alter in the organization itself. After all, the policy will mostly involve the information technology aspect of the organization and will devolve into the other departments only in terms of the operational changes concomitant to the implementation process (BusinessWire, 2006). This means that mostly, the task will be contained in a specific part of the organization and that the majority will only need to be informed of the general overview of the enactment, the process detailed and the perceived outcome from such policy. From an ethical perspective, there appears to be little to no changes needed to undertake in the organization so as to accommodate the said enterprise. The only matter to be endeavored is the massive and thorough information dissemination drive for the personnel so as to effectuate an effective and efficient system. IV. Best Practices a. What are some of the best practices regarding this regulation? Most business entities ascribing to such technological service need only to choose the best software available in the market and establish an implementation strategy based on such undertaking. Since this policy is restricted to the information technology and need only to be handled by other departments in terms of reporting and monitoring, there is very little to be done in terms of its implementation. V. Implementation Strategy a. Identify the person who will have overall responsibility for the implementation and their key personnel who will be involved in implementing the regulation. Include each team member’s area of responsibility. Management Committee – This would include the top management down to the middle management who will rationalize the need to adhere to the legislative enactment or the USA Patriot Act. They will also be responsible to choose among the software available in the market as to which one is more suitable to their organization. Furthermore, their task will likewise include the plotting of the implementation schedule including the timeline and the personnel involved. Supervisory Level – This encompasses those employees exercising authority over a certain number of personnel. Their primary task is to ascertain that the employees falling within their authority have sufficient knowledge regarding the said policy. However, such knowledge does not require an in-depth understanding of the policy unless as it pertains to the IT group. General Personnel – This refers to the general corporate population that needs to be educated regarding the basic structure of the policy. Information Technology (IT) Department – This particular sector of the organization must have the most sophisticated understanding of the software and the policy which it addresses. They must also be skilled so as to allow them to operate the system to be acquired and be able to generate the required information in compliance to the USA Patriot Act. b. Describe your communication plan in keeping internal and external parties up to date on your progress. With regards the internal communications, office memorandum will suffice articulating the need to ascribe to such system in compliance with federal laws. As a general communications to be disseminated to the entire organization, the basic information of the software should be included and a concise detailing as to how it will be performed. However, this communication should only be undertaken after the software has been properly adapted into the organizational system and mandate (Noe, 2006). On the other hand, in the case of external communication, clients and other third parties must be informed utilizing a more detailed and exact approach. The need to ascribe to such software, its aim, its perceived consequences, its benefits to the organization and a clear indication that such policy would not violate any of their inherent human rights or cause them any harm in any form should be stated (Noe, 2006). The external communications must serve as an assurance to the clients whereas the internal communications shall serve as a notification (Noe, 2006). c. Build a prioritized list identifying the first three areas you would address for implementation. Please explain the reasoning for your prioritization. First Area = Management Committee – The Management Committee is the first area from where the implementation should begin. After all, the initiative should come from their end. To this, the master plan shall be conceived at this juncture which shall redound onto the next echelons of power only after such has been polished. Second Area = Risk Management – This is the second committee to be informed due to the fact that they will be responsible to assess the effectivity of the chosen software. Third Area = Finance Sector – Due to the apparent cost associated with the acquisition of AML software such as the SAS Anti-Money Laundering enterprise, the advice of the finance department must be obtained so that the organization will not be placed on shaky foundation due to the staggering amount funneled into the said acquisition. d. Include a high-level timeline including major milestones. WEEK TASK RESPONSIBLE UNIT 1 assess the requirements indicated under the USA Patriot Act Risk Management Group 2 conduct market research and determine the prevalent manner by which the majority of the respective organizations comply with the said federal law Risk Management Group 3 assess the prevalent software whether such is applicable and best suitable to the organization in question (SWOT analysis) Risk Management Group 4 create a detailed proposal indicating the results gathered from week 1 to week 3 and refer to executive committee Risk Management Group 5 6 7 executive committee shall decide upon the proposal Executive Committee 8 9 revert proposal to the originating party for respective amendments and to address other issues Executive Committee 10 amend proposal and re-submit for authorization Risk Management Group 11 13 executive committee approves proposal Executive Committee 14 15 originating committee and executive committee sits down to discuss implementation strategy Risk Management Group and Executive Committee 16 originating committee details the implementing strategy indicating specific tasks and affected personnel and submits to executive committee for implementation Risk Management Group 17 18 19 executive committee approves and implements the program Executive Committee 20 acquisition of the software Finance Department 21 22 23 24 send out communications to IT department Executive Committee 25 conduct of first batch of training – IT department Software Company 26 27 send out communications to entire organization Executive Committee 28 conduct of second batch of training – designated personnel IT Department 29 conduct of third batch of training – general population of the organization IT Department 30 full implementation Risk Management Group TOTAL = 30 weeks References BusinessWire. (2006, March 15). businesswire.com. Retrieved December 4, 2011, from http://www.businesswire.com/news/home/20060315005449/en/Sky-Financial-Group-SAS-Tackle-Money-Laundering BusinessWire. (2011, June 21). businesswire.com. Retrieved December 4, 2011, from http://www.businesswire.com/news/home/20110621006540/en/SAS%C2%AE-Leading-Anti-Money-Laundering-Software-Market Enzer, G. (2011, July 25). Anti Money Laundering software sees growth: New technologies set to drive 9% annual growth rate, market value to reach $690m by 2015. Retrieved December 4, 2011, from itp.net: http://www.itp.net/585571-anti-money-laundering-software-sees-growth International Federation of Accountants. (2004). Anti-Money Laundering: 2nd Edition. New York: IFAC. Noe, R. (2006). Employee Training and Development. New York: McGraw-Hill. Svoboda, R. (2008, March 27). Retrieved December 5, 2011, from Duffs Device: http://duffsdevice.blogspot.com/2008/03/us-patriot-act-causes-ethical-concerns.html The Washington Times. (2005, November 17). Retrieved December 4, 2011, from washingtontimes.com: http://www.washingtontimes.com/news/2005/nov/17/20051117-111241-2085r/ Walker, D. (2003). USA PATRIOT Act and Libraries: Ethical Concerns and Policy Implications of Section 215. World Bank and IMF Global Dialogue Series. (2002). Anti-Money Laundering and Combating the Financing of Terrorism - Regional Videoconference:. The International Bank for Reconstruction and Development and the International Monetary Fund. Read More