Money laundering and the financing of terrorism are more topical than ever. In 2023, Tracfin, the investigative service attached to the Ministry of the Economy and Finance, will have received no fewer than 190,653 reports of suspicious financial transactions, representing a 15% increase on 2022 and a seven-fold increase in ten years!
An ever-increasing number of regulatory requirements and supervisory authorities
This increase is linked not only to an intensification of dishonest practices given the growing digitalization of the market (boom in electronic transactions, digital payment systems, cryptocurrencies and other online platforms, ...) but also to greater involvement on the part of the organizations and companies concerned, who are reporting more suspicious activities. Legislation relating to AML-CFT has become increasingly complex, and many supervisory authorities are involved, including the Autorité de contrôle prudentiel et de résolution (ACPR), Tracfin, the Autorité des marchés financiers (AMF), the European Anti-Money Laundering Authority (AMLA), the Financial Action Task Force (FATF), the French Treasury, the DGCCRF, the Agence Française Anticorruption (AFA), and the Autorité Nationale des Jeux (ANJ). Not to mention the involvement of a wider range of companies: banking activities, but also commercial court clerks, notaries, lawyers, gaming operators, chartered accountants, etc.
Show your credentials in all areas
To comply with the various legislation at AML-CFT (in addition to all the others, of course), they have to take action in a number of areas:
- Organization, which must be adapted to the requirements of AML-CFT.
- Data collection, for example to complete the QLB questionnaire. The new version of this questionnaire, introduced in 2024 for companies subject to the law, has added no fewer than 247 new questions out of a total of 392, spread over 11 tables.
- Governance: AML-CFT requires close coordination within the company, between finance, audit, legal and risk management departments...
- resources (human and financial): essential for ensuring compliance with legislation and managing time-consuming tasks
- technology: this is essential, given the sheer volume of data to be collected, managed, verified and consolidated.
Unfortunately, any attempt to reinforce AML-CFT produces four "collisions":
Regulatory collision: more and more requirements
In addition to AML-CFT, companies must comply with other, equally structuring regulations, such as CSRD(Corporate Sustainability Reporting Directive) in the field of social and environmental responsibility, DORA(Digital Operational Resilience Act), NIS2(Network and Information Security) and electronic invoicing. Not forgetting MiFID II(Market in Financial Instrument Directive), which regulates companies offering investment services and activities related to financial instruments, and MiFIR(Market in Financial Instrument Regulation), which imposes transaction reporting obligations.
A strategic collision: AML-CFT sacrificed on the altar of cost reduction?
A study by the Boston Consulting Group reveals that cost reduction is at the top of senior management's agenda. At a time when many companies are cutting costs in the context of the economic crisis, and when regulatory compliance entails mandatory costs, companies will have to be even more discerning in their decisions. The AML-CFT web site may well be one of the victims...
An organizational collision, a question of sharing responsibilities
AML-CFT requires closer cooperation between the various entities involved: finance, risk, legal, IT, general management, accounting and cash management departments... The more complex the regulations become, the more necessary and time-consuming the interactions. Here again, it would be regrettable if AML-CFT were to be marginalized in relation to other regulatory obligations, seen as more strategic or more media-friendly (such as CSR, on which many companies focus).
A technological collision: digital transformation, AML-CFT, or both?
For several years now, digital transformation has been a strategic requirement for innovation. According to Gartner, IT investment is the second most important priority for general management, behind growth. But should they invest in digital solutions that create value for customers, support innovation, or focus on those that guarantee regulatory compliance? When budgets are tight, it's not certain that the second approach will prevail...
Regulatory compliance: an increasingly difficult balancing act
In fact, regulatory compliance is becoming increasingly difficult to achieve, as the "plus" (of regulations, data, etc.) meets the "minus" (of budgets, trade-offs in favor of AML-CFT, etc.). In this difficult context, are the approaches and tools used for AML-CFT adapted and calibrated to guarantee regulatory compliance? Not really... On the one hand, because of the persistence of manual processes, which lose efficiency as the spectrum of regulations expands and the volumes of data to be processed explode.
On the other hand, in less mature companies, the various software solutions used for AML-CFT still often operate in silos, according to different needs: business relationship entry, customer knowledge, financial flow analysis, data collection, risk management, fraud detection...
Integration, automation and agility: the winning trifecta
So how do we prevent the demands of AML-CFT from taking second place to digital transformation, which is considered a higher priority, or to CSR, which has siphoned off the bulk of resources?
In addition to training and awareness-raising at AML-CFT, it makes sense to focus on three key principles: integration (to avoid siloed solutions), automation (to lighten resources) and agility (to adapt to increasingly complex regulatory environments).
In this field, RegTechs, in particular AP Solutions IO, federate these three principles:
- integration, with APIs (to CRM and HRIS solutions, for example),
- automation, e.g. of lists, workflows, customer portfolio screening, detection, alerts, decision-making...
- agility, thanks to the Saas model, customizable parameterization, filtering configuration and scalability, to handle growing volumes of data.
This makes it possible to reconcile compliance, digital transformation and agility by improving detection mechanisms.
