Our guess is that you don't know.
The Manual Testing Merry-Go-Round
To understand the effectiveness of your financial crime controls today, you likely manually test a tiny sample of accounts in the hope - or not - of finding that breach of regulation or failure of controls. Finding an issue is a good sign! It means your manual testing is working. But it also means months or years of pain.
After finding an issue, you’ll try to understand a few key things -
- Is this a breach of regulation, or a failure of controls?
- When did the issue first arise?
- How many accounts have been impacted?
- Is the root cause a one-off, or part of a systematic failing?
Whilst the first of these might be easy to answer, the rest are almost always much harder. How can you confidently report to your stakeholders about the origins and size of a breach or failure with only a tiny sample to rely on? Your first idea might be to find the money and people to do more testing to understand the size of the issue, but we know how hard that can be. Instead, you’ll probably have to extrapolate based on your tiny sample size, or try to explain that even 1 account with a regulatory breach can result in a fine.
You tell your stakeholders about the breach or failure, and let’s assume they buy into how big of a problem this could be. Next, you need to find the money and people to fix the root cause. At this point you’ll be hoping for a cheap remediation project for a failure of controls that started yesterday and impacted 1 account. But the chances are slim. Your more realistic hope is that the issue doesn’t result in a regulatory review or fine. Either way, it’ll probably need to be reported to the regulators.
And if you do manage to get the people and money to fix the issue, and if the issue is just a cheap remediation project, do you now know how effective your financial crime controls are?
Our guess is that you still don't know.
Everyone is Ineffective
As an industry we do have a good estimate of our overall effectiveness at stopping money laundering - the UN thinks that globally we stop less than 1% of the $4 trillion dollars laundered each year. Which makes us 99% ineffective.
We think you are great, though, so you are probably stopping more than that! But how much more? Do you think you are 5x better than average, or 10x? Might you be stopping 10% of the money laundering going through your company?
Whatever you think the number might be, the scary truth is that whilst you are on the Manual Testing Merry-Go-Round you can only react to issues that arose months ago, with limited money and people to fix them, and are not able to focus on making your controls more effective.
The industry is ineffective at stopping financial crime, because no one knows how effective they are.
How can you get better at something, if you don't know how good you are today?
If you are always reacting to past issues, how can you plan for a future with more effective controls?
Why manually test 100 accounts, when you can automatically monitor 100%?
Cable is the leader in automated financial crime assurance. We continuously monitor your financial crime controls to help you understand and evidence your compliance, risk management and effectiveness. And most importantly we get you off that Manual Testing Merry-Go-Round.
Over the coming months we will be releasing three blog posts on effectiveness:
- The heavy cost of ineffective financial crime controls
- What the regulators and international bodies are saying about the effectiveness of financial crime controls, and
- How to measure the effectiveness of your financial crime controls
We'll also be releasing product insights to give you a taste of the benefits that Cable brings, including how easy it is to get off that Manual Testing Merry-Go-Round.
Make sure to sign up to our newsletter, Secret Crime Fighters, to hear about it all first!