Selecting an Anti-Money Laundering Software for Your Institution (Part 1 of 3)

10/27/2020 - By Dede Nolan, CFSA, CAFP

Selecting your financial institution’s anti-money laundering (AML) software is a highly critical and usually expensive decision. There are five key decision-making steps to help avoid common pitfalls during the process: planning, implementation, initial testing, activity analysis, and ongoing maintenance.

In this three-part series, I will offer some tips to help you maneuver the process and select the best software to fit your institution’s needs – beginning with planning first, followed by implementation and initial testing. We’ll conclude with a focus on analyzing activity and managing ongoing maintenance of the system.

But first, let us clear up some common misconceptions:

Now that we have set the stage, let’s get started with step one in our process: planning.

Planning

Risk Assessment

It is important to start with your institution’s risk assessment. Your risk assessment includes your customers, your geographic location, and the products and services you provide. If you are an institution with a relatively low-risk tolerance, the system you select will look very different from an institution that engages in large cash and wire transactions. Higher risk institutions might also include customers that are considered money service or marijuana-related businesses. The bottom line is that whatever your risk tolerance falls on the spectrum, be sure your system is up to the task of monitoring those areas and accounts appropriately for any specific reporting required.

Vendor Assessment

Who is your potential vendor? You will be relying on your vendor and their products to assist with your BSA compliance and anti-money laundering efforts, so finding a good match is essential. Some of you will have more options than others depending on your core processor. Many vendors have developed their own AML software which is designed to work with their core processing software. Others have developed AML software that works with a wide variety of core processors. Research here is critical.

Questions to consider:

How long has the vendor had AML products on the market?
What is the vendor’s knowledge of the regulatory environment?
If you are an international institution, can the vendor meet your global needs?
How quickly can the vendor address new areas of concern?
What are other FI's experience with the vendor and software?

Requesting references is often underrated but can be very valuable in avoiding missteps or problems later down the road.

Technology Assessment

Another step in the planning process is the technology aspect of your purchase. First and foremost, you need to determine if the system is compatible with your core processing software and current hardware. Wrong assumptions in this area, can be catastrophic and expensive to fix. You’ll also want to know upfront how much data cleanup will be necessary to fully optimize the system functions and ensure that the system you decide on will cover all (or most) of the products and services you offer.

Questions to consider:

Are their standardized rules and how much will you have to customize the system to fit your FI’s risk profile?
Does the system provide a clear audit trail for changes to system parameters?
What are the system’s security features?
Does your core system have different transaction codes so the system can differentiate between specific transaction types?

Cost Assessment

“Cost is not an issue…” no one ever said. Always ask your vendor how their pricing works; is it per user, transaction volume, or site license? Ensure you have a clear understanding of the cost of implementation, initial and ongoing training required, and all costs associated with that training. It is also important to determine if the cost includes all modules needed for your institution.

Questions to consider:

What is the cost of upgrades?
Will new hardware be needed to properly support the software?

There are many important factors to consider in the planning phase alone, but in my experience, it pays off to consider these factors every time in the long run. Adequate planning helps to avoid costly misjudgments and mistakes. This sets you up for success in the implementation and initial testing phases, which we will cover next in part 2 of this series. Stay tuned!

If you have questions or would like assistance as you begin selecting and implementing your institution’s AML software, please reach out to me or a member of our team.

About the Author | Dede Nolan, CFSA, CAFP
Dede is a Certified Financial Services Auditor and has been an important member of the consulting team in Saltmarsh’s Financial Institution Advisory Group since 1989. She has worked extensively with our financial institution clients, providing Bank Secrecy Act (BSA), BSA model data validation, deposit compliance, trust internal audits and other consulting services. Connect with Dede on LinkedIn!